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Storage At Risk 



Where Is Your Enterprise Vulnerable 
When It Comes To Storage? 

by Christian Perry 

They say a pot of gold lies at the end of every rain- ^ 
bow. In the enterprise space, that pot is filled with 
data, and intruders ride the rainbow directly to that 
data using any of a variety of attack methods. Because 
data is the primary target of today's breaches, storage 
architectures are quickly coming under fire for their 
lack of security. 

"Human error is probably the most critical security 
vulnerability facing storage environments in small and 
medium-sized enterprises," says Andre Muscat, direc- 
tor of engineering at GFI Software (www.gfi.com). 
"IT administrators in SMEs are often overworked and 
required to do tasks that an administrator in a large 
business would never dream of doing. However, SMEs 
do not have the resources to employ huge IT teams, so 
all the work falls on one or two people ... it should 
not come as a surprise that some vulnerabilities arise 
because administrators do not have the time to think 
about security." 

Where Are You Vulnerable? 

Due to the nearly limitless expanse of storage across any given IT 
architecture — including all the devices that access that storage — the 
vulnerabilities that can emerge are numerous. According to Muscat, 
one of the most common is the failure to implement the concept of 
least privilege — giving administrator rights on employees' machines 
or full, unaccountable access to all data and share and file level. 

Another, he says, is the use of portable devices on the network. 
"Endpoint security is often overlooked by administrators who fail 
to realize that the USB sticks or iPods the employees bring to work 
every day are a perfect tool to copy data to or from the network. In 




a worst-case scenario, a 'trusted' but 'disgruntled' employee can 
bypass encryption, copy huge amounts of data, or upload malicious 
software, effectively bringing the network down or deleting impor- 
tant data," Muscat says. 

The threats don't end there. Muscat explains that many SMEs 
do not have a secure storage area for their file and database serv- 
ers. For example, if servers are kept in a box room or under a stair- 
case, they can be easily removed if there is a break-in. Greg 
Gendron, worldwide enterprise systems tape manager for IBM 
Go to Page 10 



The Buy vs. 
Build Debate 



Should SMEs Construct Their Own Data Centers 
Or Purchase Space In A Colocation? 



by Drew Robb 

Fifteen years ago, lots of people built 
their own PCs. These days, few bother with 
the task. Could the same thing be starting to 
happen with data centers? 

"For those looking at building dense in- 
frastructures without having to worry about 
power and cooling constraints, buy is better," 
says Missy Young, executive vice president 
of sales engineering at Switch Communica- 
tions Group (www.switchnap.com). "For 
many SMEs, the equation is weighted more 
towards buy due to the sheer economics." 



But the answer to buy vs. build isn't nec- 
essarily straightforward, especially for 
smaller organizations. "SMEs should eval- 
uate a number of factors before determin- 
ing whether to purchase space in an exist- 
ing facility or build their own," notes Vic 
Berger, a technology specialist at CDW. 
"First and foremost, it is important to 



consider the size requirements necessary to 
house the organization's data, as well as the 
relative value of the data to the business." 

Factors To Consider When Building 

SMEs should also consider such matters 
as how much it will cost to build all the ele- 
ments involved, such as physical infrastruc- 
ture, power, cooling, networking, hardware, 
and software, and how much it will cost to 
man the facility with both IT and physical 
security personnel. 

Most companies set off on the data center 
building adventure without knowing the 
reality of what it entails. First of all, there 
is that potential minefield of planning 
permission. If you successfully negotiate 
that hurdle, you have to find a contractor 
and manage the project all the way through 
to completion. 

"When you decide to build it yourself, 
you are really saying that you are taking on 
Go to Page 10 



The answer to buy vs. build isn't necessarily 
straightforward, especially for SMEs. 
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sure, the TR2UT-B, which will complete its 
TowerRAID series. ■ Slierpa Software re- 
leased version 4.2 of Mail Attender for Ex- 
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Flexible, Reliable Servers 

Chieftec Smart & Bravo Work As Departmental Server, Workstation 



Every Chieftec product is designed 
with quality construction, flexibility, atten- 
tion to detail, and reliability in mind. These 
characteristics make our Smart and Bravo 
Series server solutions strong candidates 
for departmental servers and workstations. 

Made from 1mm SECC steel, the Smart 
and Bravo Series employ clean and round- 
ed-edge manufacturing techniques. Front 
and side panel locks are standard. Models 
support micro- to extended-ATX mother- 




boards, and a metal PCI card retention bar 
simplifies adding or removing cards without 
screws. Two USB 2.0 ports, one 1394 Fire 



Wire port, and line in/out audio connectors 
are on the front. Standard PSII or mini- 
redundant power supplies are supported. 
WH-OimH-02 Smart Series 

• Up to nine front accessible 5.25-inch 
drive bays include 3. 5 -inch drive carri- 
ers; eight on the WH-01 

• Cooling is performed by optional 
120mm rear or optional top fan mounts 

BA/BX/BH-01 Bravo Series 

• SmartScrew and tool-free drive mounts 

• The BA full tower has up to eight front 
drive bays and eight 3.5-inch internal 
bays; the BX and BH mid/mini-towers 
support up to six front-accessible bays 
and six internal drives 

• Flexible cooling options 



• Power the system with Chieftec's A135 
Series power supply 

• Cable management options assure cool, 
stable, reliable, and efficient system 
operation 

• Backplanes in a variety of SATA, SAS, 
or SCSI RAID/JBOD configurations 

Bravo Series BA/BX/BH-01 B-B-B 
Smart Series WH-01/02B-B-B 

Server solutions that feature clean and rounded edges 
in a variety of options and configurations 



(510) 324-3888 
www.cfiieftec.com 
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Compliance Is Key 

Maintain Compliance Standards With 
Secure Elements' C5 Compliance Platform 



Industry standards exist for a reason, 
but that doesn't make achieving compli- 
ance with every regulation any easier. 

Secure Elements' C5 Compliance Plat- 
form is a tool designed to enable an enter- 
prise to audit and evaluate its level of com- 
pliance all in one place and with one prod- 
uct. Further, the C5 Compliance Platform 
helps companies implement the necessary 
changes if and when compliance gaps are 



present relating to internal, industry, or reg- 
ulatory policies for IT control and security. 

The latest update to the platform is the 
ability to audit and manage EPA Energy 
Star settings for Windows XP and Vista 
computers. Now, companies can more 



easily comply with the mandate for com- centralized management of element sensors, 

puters and monitors to "sleep" when not which are lightweight software agents. 

in use. Command Center offers unified views of a 

Other features of the C5 Compliance company's entire compliance posture, and 

Platform include configuration compliance the compliance content library is maintained 

scores, vulnerability scores, patch scores, by C5's Security Labs professionals. 

and authorized software compliance _ _, ^ ■■ 

r . r .u . .J Secure Elements C5 Compliance 

scores. Benefits of the platform mclude Platform 

smart automation, which results in fewer 

errors, repeatable processes, and pre- Starts at $25,000 

dictable results; unified views for quick r ii • ! j-j i . j 

^ ? , Enables companies to audit, evaluate, and manage 

summary and detailed views of momtored compliance issues 

assets; and overall improved compliance. 

The C5 Compliance Platform is com- (703)709-5011 

posed of four parts: C5 Element Manager, www.secure-elements.com 

C5 Element Sensors, C5 Command Center, /C^^"^ 

and C5 Compliance Content. Element SeCUFE elEfTIEntS® 

Manager is an Intel-based lU server for ^^""^ audit, evaluate. comply. 
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Short on time? 

Processof's print issue and Web site offer an unbeatable combination! 

When you're looking for product or buying information, turn to the print issue for a wide variety 
of current products from our iist of hand-selected manufacturers and resellers, along with 
articles and information to help you stay on top of the industry. 



Ready to buy? Turn to our Web site to find companies 
offering the products and services you need. 
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Data Center Design 
Goes Virtual 

Future Facilities' 6SigmaDC Data Center Design & Analysis 
Suite Offers Virtual Facility Planning 




6SigmaDC's 3D modeling helps data center designers test out ideas. 



A GOOD DATA CENTER Starts with good 
design; it must be planned and laid out 
in such a way that heating, cabling, and 
more are done right. Future Facilities' 
6SigmaDC Data Center Design and 
Analysis software suite offers designers 
tools that let them create a 3D virtual 
facility to test out ideas. 

Designers can create a thermal model 
that essentially gives users a full inventory 
of the room, including cabinets, IT equip- 
ment, power systems, cooling systems, 
and ventilation grilles. Users can use the 
thermal tool to help configure cabinets 
with rack-mounted equipment, to config- 
ure the facility or room, to act as a layout 



and testing tool for room equip- 
ment, and to show ongoing con- 
figuration and management 
so changes can be tested before 
implementation. 

Features include an easy-to- 
use GUI, the ability to read 
data from other design tools, 
large libraries of possible 
equipment, and a complete 
view of the inventory. The 
suite also offers drag-and-drop 
capabilities to aid in model 
construction and can predict 

rack or cabinet cooling and 

performance as well as grille flows. 

Future Facilities 6SigmaDC Data 
Center Design & Analysis v.4 

Starts at $45,000 per year and depends on 
configuration 



Data center design tool that lets users create a 
virtual facility to test out configurations 



(408) 436-7701 
www.futurefacilities.com 
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Remote Backup 
& Data Loss Prevention 

Spearstone's DiskAgent Offers Enterprise-Class Backup 



DiskAgent by Spearstone lets you create secure online backups. 



Data is perhaps the most valuable com- 
modity a company possesses, and being 
able to recover it in the event of a disaster, 
secure it from a malicious hacker attack, 
or retrieve and protect it if a computer is 
lost or stolen is of utmost importance. 
DiskAgent SaaS (software as a service) 
from Spearstone seeks to offer a solution 
with remote backup and loss protection. 

DiskAgent offers data storage and pro- 
tection with an easy-to-use, scalable SaaS 
offering. Features include continuous 
online backup with centralized manage- 
ment and constant access to data, and if 
hardware is lost or stolen, users can 
remotely erase data, effectively prevent- 
ing thieves from accessing sensitive 
files. DiskAgent lets IT admins track 
and potentially recover any stolen 



devices with its hardware re- 
covery functionality. 

By encrypting all backed 
up data as it moves both to 
and from the Amazon S3 and 
EC2 environments, DiskAgent 
meets security regulations and 
lets admins enforce document 
retention policies and grant or 
restrict user access to remotely 
backed up files. 

The DiskAgent SaaS is an 
easy-to-use package offering 
remote backup options and data loss pro- 
tection. Yet DiskAgent is designed as an 
enterprise-level protection package that 
individuals other than IT professionals 
can implement and maintain and requires 
no expensive infrastructure. 

DiskAgent by Spearstone 

Starts at $4.95 per month per device; volume 
discounts available 

SaaS (software as a service) that provides continuous 
online backup and remote device wipe capabilities 



(877) DSK-AGNT 
(877) 375-2468 



www.diskagent.com 



e 

DISKAGENT' 



TECHNICAL FURNITURE & RACKING SYSTEMS 

An original equipment manufacturer since its inception in 1 992, Hergo remains TH E trusted source for technical furniture. 



open Racking Systems 

D 




Command Center 
Furniture 




Relay Racks 




Mobile Computer Carts 




LCD Monitor Arms 




Training/Studio 
Desks 




Rack Mount Enclosures 




herga 



888.222.72701 www.hergo.com s3r,ESS";r 

5B-01 55th Avenue, Maspeth, NY 11378 | Tel: 888.2Z2.7270 | Fax: 8B8.41D. 0671 GSA Contract # GS-29F-0133G 
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I Apple, Verizon Top In 



^ Customer Satisfaction 

Customers are more satisfied with 
Apple than any other computer manufac- 
turer, according to research from the 
University of Michigan's ACSI (American 
Customer Satisfaction Index). Apple earned 
a customer satisfaction score of 85 — the 
highest ever in the ACSI's personal com- 
puter category. Dell came in second with a 
score of 75, followed by HP with 73 and 
Gateway with 72. J.D. Power and Asso- 
ciates completed its own survey of cus- 
tomer service in the wireless industry, rank- 
ing Verizon Wireless first, followed by 
Alltel, T-Mobile, and AT&T. Much of 
Verizon's top ranking can be attributed to 
its ability to solve customer problems with 
just one contact, according to J.D. Power 
and Associates. 

I Taiwan Investigates l\/licrosoft 
For Antitrust Activities 

Taiwan has opened a government investi- 
gation to determine whether Microsoft 
holds a monopolist position over Taiwan's 
software market and, if so, whether it is 
abusing that position. Taiwan's Fair Trade 
Commission, which is conducting the 
investigation, will also consider complaints 
that the software giant is limiting customers 
in the choices they can make by only offer- 
ing the Vista OS on new computers, not 
Windows XP. It will also explore whether 
Microsoft's pricing is appropriate for 
Taiwan. If the Fair Trade Commission 
finds that Microsoft has violated Taiwan's 
antitrust laws, it may have to change some 
business practices there and could be fined 
up to $797,361. 

I Apple Sued Over iPhone 

An Alabama woman is suing Apple over 
her "Defective iPhone 3G" and is asking a 
judge to give the case class-action status, 
saying that "perhaps tens of thousands of 
plaintiffs" could be involved. Jessica Alena 
Smith says she's had slower-than-expected 
data speeds and an inordinate number of 
dropped calls with her iPhone 3G. In addi- 
tion. Smith says, her phone connects to a 3G 
network less than 25% of the time. Smith 
also says Apple's advertising is misleading, 
claiming the iPhone 3G is "twice as fast at 
half the price." Smith is asking for a repair 
or replacement of her iPhone 3G along with 
unspecified damages and attorney's fees. 



I "Cloud Computing" Too Generic 
To Trademark 

The U.S. Patent and Trademark Office 
has refused Dell's application to trade- 
mark the term "cloud computing." In its 
nonfinal refusal to Dell, the trademark 
office says cloud computing "describes a 
feature and characteristic" of Dell's ser- 
vices and that the term "appears to be 
generic in connection with the identified 
services and therefore incapable of func- 
tioning as a source-identifier" for Dell's 
services. Dell can submit evidence to con- 
test the ruling; otherwise, it will become 
final in six months. Dell originally applied 
for the trademark in March 2007. 

I Court Upholds Open-Source 
License Legality 

Reversing a previous lower court ruling 
that questioned the legal validity of open- 
source licenses, a federal judge has ruled that 
open-source software licenses do have legal 
validity under copyright law. The original 
case, Robert Jacobsen vs. Matthew Katzer 
and Kamind Associates, revolved around 
software to control model trains. Jacobsen 
used an open-source "artistic license" to 
license the software to Kamind, which then 
used it to create a rival product. The ruling 
from the lower court said the issue was bro- 
ken contractual promises, not copyright vio- 
lation. However, the higher court ruled that 
copyright law covers the covenants and con- 
ditions in open-source licenses. 

I Many Vista PCs Downgraded To WinXP 

About 35% of PCs purchased with 
Windows Vista in the past six months have 
been downgraded to WinXP, according to 
a poll by Devil Mountain Software. The 
PCs are either being downgraded at the 
factory by the PC manufacturer or after the 
user received the system, according to the 
company. Devil Mountain Software, which 
runs a community-based network used to 
gather data on Windows computers, sur- 
veyed more than 3,000 PCs that use its 
exo.performance. network program. Micro- 
soft's end-user license agreement allows 
users of Vista Business, Ultimate, and 
Enterprise to downgrade to Windows XP 
Professional. 

I Gartner Predicts Electronics Slowdown 

Due to factors such as a weakened 
worldwide economy and high energy 
prices, analyst firm Gartner expects to see 
sales of electronics products slow down, 
which in turn will impact sales of semicon- 
ductors. Demand for electronic devices has 
remained solid in emerging markets, 
including India and China, which has bol- 
stered chip sales for the time being, but 



WATCH THE 

This information provides a quicl< glimpse of current and historical stock 
J^^^^^ J^j^ prices and trends for 14 major companies in the technology market. 



Company 


Symbol 


Year Ago 


August 15 $ 


August 22 $ 


previous week 


Computer Associates 


CA 


$24.42 


$24.63 


$24.48 


T 0.61% 


Cisco Systems 


CSCO 


$30.26 


$24.91 


$24.71 


T 0.8% 


Dell 


DELL 


$26.96 


$25.06 


$25.27 


▲ 0.84% 


Electronic Data Systems 


EDS 


$23.19 


$24.82 


$24.94 


▲ 0.48% 


Google 


GOOG 


$512.75 


$510.15 


$490.59 


T 3.83% 


HP 


HPQ 


$46.42 


$45.59 


$47.06 


▲ 3.22% 


IBM 


IBM 


$110 


$126.36 


$124.93 


T 1.13% 


Intel 


INTC 


$24.15 


$24.26 


$23.49 


T 3.17% 


McAfee 


MFE 


$35 


$38.88 


$39 


▲ 0.31% 


Microsoft 


MSFT 


$28.22 


$27.81 


$27.84 


▲ 0.11% 


Oracle 


ORCL 


$19.32 


$23.04 


$22.70 


T 1 .48% 


Red Hat Software 


RHT 


$19.56 


$22.75 


$21.72 


▼ 4.53% 


Sun Microsystems 


JAVA 


$4.86 


$10.86 


$10 


T 7.92% 


Symantec 


SYMC 


$18.70 


$22.27 


$22.06 


T 0.94% 



NOTE: This information is meant for reference oniy and shouid not be used as a basis for buy/seil decisions. 



Gartner expects the slowdown to affect 
them, too. In March, Gartner revised its 
estimate of a 6.2% chip revenue growth 
rate down to 3.4% growth for the year. A 
week after coming out with the new esti- 
mate, it also reported increasing inventories 
of chips, which remains a concern today. 

I HP CEO: Dell Had No Effect 
On HP Sales 

Dell's increased presence in the retail 
market has not had an impact on HP's 
sales, according to HP CEO Mark Hurd. 
For its fiscal third quarter that ended July 
31, HP's sales rose 10%, with software 
increasing its sales by 29%. Net income 
was $2.03 billion, or 80 cents per diluted 
share, compared to $1.78 billion, or 66 
cents per diluted share, in the same quarter 
a year ago. Quarterly revenue totaled 
$28.03 billion. In May, HP announced 
plans to purchase EDS for about $13.9 bil- 
lion; Hurd said HP will complete that 
acquisition during this quarter. 

I Microsoft Plans $500 Million 
Data Center In Iowa 

According to Iowa Governor Chet 
Culver, Microsoft has announced plans to 
build a $500 million data center in west 
Des Moines. The data center will house 
Web servers and software in an effort to 
keep up with the increased demand for the 
company's Web-based services, such as 
Windows Live and Windows Messenger. 
Microsoft cited Iowa's low costs, educated 
workforce, and moderate climate as the 
main reasons for its popularity as a tech 
investment destination; Google also 
announced plans last year to build a $600 
million data center in Iowa. 

I Sun Loses & Dell Gains 
In Worldwide Server Market 

Posting an impressive 15% in server rev- 
enue year over year for Q2, Dell has edged 
Sun Microsystems out of third place, join- 
ing first-place IBM and second-place HP in 
the top three. Dell's 15% jump was also 
higher than the top two: IBM showed 
growth of 11.5%, while HP posted growth 
of 2.9%. Sun, on the other hand, showed a 
6.8% decline in revenue. Overall, Q2 server 
revenue grew 5.2% to $13.8 billion. In 
terms of units shipped, HP took the top 
spot, with 30% of the market, followed by 
Dell, with 22.3%, and IBM, with 13.2%. 

I New Search Engines Can't 
Topple Google 

While the two recently launched search 
engines may have garnered plenty of press, 
Wikia Search and Cuil have not been able 
to snag much of search giant Google's mar- 
ket share. Wikia Search, which made its 
debut in January, holds a 0.000079% share 
of the market, while Cuil, launched just a 
few weeks ago, holds just slightly more at 
0.007%. By contrast, Google holds about 
70.77% of all online search queries in the 
United States as of end of July — up from 
the 64.35% share from July of last year. 

I IBM To Invest $300 Million In 
Business Continuity & Disaster Recovery 

In what it calls the largest investment in 
its 40-year history, IBM will spend $300 
million on expanding its business continu- 
ity and disaster recovery business. The 
company will add 13 facilities worldwide 
to answer what it sees as a growing 
demand. The new facilities, built in such 
cities as New York and London, will house 
remote data management and information 
protection capabilities. The company also 
plans to speed up the build-out of its 
Information Protection Services business in 
order to deliver cloud-based computing ser- 
vices to support business continuity. 
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Are you looking to learn more about data center 
or IT topics? Network with some of your peers? 

Consider joining a group of data center 
professionals. If you don't see a meeting listed in 
your area, visit www.afcom.com, www.aitp.org, 
or www.issa.org to find a chapter near you. 



- SEPTEMBER - 

ISSA Mankato 
September 4, 1 p.m. 

Alltel Wireless 
200 Technology Drive 

Mankato, Minn. 
www.katoinfosec.org 



ISSA Central Plains 
September 5, 1 1 :30 a.m. 
River City Brewery 
150 N. Mosley 
Wichita, Kan. 
www.issa-cp.org 



AFCOM St. Louis Gateway 
September 9 
Schneider Electric Technology Center 
807 Corporate Centre Drive 
O'Fallon, Mo. 
www.afcom.com/afcomnew/stlouis.html 



Enterprise Architecture 2008 
September 9-10 
Washington, D.C. 
events.fcw.com 



AITP Central Idaho 
September 10, 1 1 :45 a.m. 
The Owyhee Plaza 
1109 Main St. 
Boise, Idaho 
www.boisestate.edu/dpma 
/dpmaci/meetings.html 



Bay Area SecureWorld Expo 
September 10-11 
San Francisco, Calif. 
www.secureworldexpo.com 



ITEC Minneapolis 
September 10-11 
Minneapolis, Minn. 
www.goitec.com 



AITP Nashville 
September 1 1 , 5:30 p.m. 
Holiday Inn-Brentwood 
760 Old Hickory Road 

Brentwood, Tenn. 
www.aitpnashville.org 

AITP Washington, D.C. 
September 1 1 , 6:30 p.m. 
Alfio's Restaurant 
4515 Willard Ave 
Chevy Chase, Md. 
aitpwashdc.ning.com 



AITP Pittsburgh 
September 15, 5:30 p.m. 
Slovak Catholic Sokol 
801 11th St. 
Ambridge, Penn. 
www.aitp-pgh.org 



Interop 
September 15-19 
New York, N.Y. 
www.interop.com/newyork 



VMworld 2008 
September 15-18 
Las Vegas, Nev. 
www.vmworld.com/vmworld 
/conferences.jspa 



ISSA Forth Worth 
September 1 7, 1 1 :30 a.m. 
The City of Fort Worth Building 
275 W. 13th Street 
Fort Worth, Texas 
www.issa-cowtown.org 



Do you have a new product that data center/IT 
managers would be interested in learning about? 
Call (800) 544-1264 or email press@processor.com. 



Subscriptions 

(800) 819-9014 
(402) 479-2170 



Advertising & Reprints 

(800) 247-4880 
(402) 479-2141 
FAX: (402) 479-2193 



Editoriai Staff 

131 W. Grand Drive • Lincoln, NE 68521 
editor® processor.com 
FAX: (402) 479-2104 



August 29, 2008 



Processor.com 

^WatWork 



Products 



Page 5 



Cascading 
Network Woes 

Lancope Stealth Watch Bridges Security 
Concerns At The Niagara Falls 



by Curt Hurler 
■ ■ • 

Even fun, relaxing destinations have seri- 
ous computing concerns. In upstate New 
York, the NFBC (Niagara Falls Bridges 
Commission) finances, constructs, and oper- 
ates three historic bridges familiar to many 
tourists and honeymooners: the Lewiston- 
Queenston Bridge, the Whirlpool Bridge, 
and the Rainbow Bridge. Established in 
1938, the Lewiston, N.Y.,-based NFBC also 
maintains the facilities for Customs and 
Immigration offices on both sides of the bor- 
der. This is one network that needs to be 
secure from all possible threats and hostile 
attacks — both external and internal. 

Late last year, the commission began 
looking for a new solution to meet that 
goal. "We wanted to prevent unauthorized 
user access to the network along with mon- 
itoring authorized access," explains Dave 
Woods, manager of information technology 
for NFBC (www.niagarafallsbridges.com). 

However, this is not a trivial task. The 
NFBC network currently runs on a 10 
Gigabit network with 500 nodes across 
seven locations. Recently, the IT depart- 
ment found that managing the network was 
taking up a lot of time and becoming quite 
complex. As the network grew, behavioral 
anomalies became harder to detect. The 
NFBC needed a solution that ran as full- 
time as the network does. The commission 
wanted to position itself to be proactive 
against IT security risks without burdening 
existing staff, but adding new staff was not 
an option. 

"Previously, we had no permanent sniffer 
solution installed," Woods says. "We 
would typically deploy sniffers when trou- 
bleshooting or tracking down specific prob- 
lems." However, the commission wanted 
something that was more consistent than 
the ad-hoc solutions it was using. 

Network Specifics 

Like any good SME, the NFBC did its 
due diligence. "We evaluated and investi- 
gated multiple products in the market at the 
time, including many in-line sniffers," 
Woods recalls. Like many other midsized 



Messaging & Telephony 



Comprehensive, Easy-To-Use 
& Affordable Message Archiving 

The Barracuda Message Archiver is an 
integrated hardware and software solution 
designed to archive email communications 
sent and received by enterprise users. It 
automatically stores and indexes all email 
messages in real-time while making them 
available for rapid searching and retrieval 



operations, the NFBC runs voice, video, 
and data traffic across its network. And, 
like many other networks, during the past 
five years, the speed and size of its network 
has grown swiftly. 

The NFBC serves as a landlord to several 
"tenants" around the Falls. "We own the 
property. We do safety and provide the 
(network) housekeeping," Woods explains. 

The network traffic includes the toll 
receipt data from the bridges — a sort of 
PoS system for the collectors — and 
this data goes back to a central server. In 



addition, there is a sophisticated access 
control and CCTV system in place. 

There are seven separate PBXes for 
voice that handle a combination of 
Internet and traditional analog phones, and 
IP tie-lines are used to connect that por- 
tion of the network. 

Additionally, the network employs the 
Foundry Networks Fastlron (www. foundry 
net.com) chassis for its switches, with the 
Fastlron SX 400 and SX 800 as major com- 
ponents in the backbone, and the FWS X- 
series delivers high-density 10 Gigabit 
Ethernet service. 

"Tracking network activity became a 
very tedious process, and we typically 
would only see one Layer 2 segment of 
traffic at a time," Woods says. "Due to 
the speed of some of our network seg- 
ments (currently as high as 10Gb), we 
decided to avoid the sniffer-type solutions 
and leverage the existing sFlow capabili- 
ties of our Foundry Networks equipment," 
Woods says. 




by authorized users. To immediately cap- 
ture new messages. Message Archiver 
takes advantage of the journaling feature 
of Microsoft Exchange and other stan- 
dards-based email servers. It can also 
import historical emails and PST files for 
a complete archive. 



A Good Fit 

After reviewing several solutions, the 
NFBC selected Lancope' s StealthWatch 
NBA (network behavior analysis) tool 
(www.lancope.com). StealthWatch gives 
IT departments immediate notification of 
security issues and provides troubleshoot- 
ing data when there are problems, offer- 
ing detailed looks into network, host, and 
user problems. NFBC uses StealthWatch 
as a monitoring and troubleshooting tool 
that detects and identifies problems with 
the network, as well as the hosts and users 
on it. 

NFBC's deployment includes the 
StealthWatch Xe for sFlow, which aggre- 
gates information from its Foundry switch- 
es, and the StealthWatch IDenUty-1000 
appliance, which directly links individual 
users with specific network events. By 
using sFlow, the commission sees a sam- 
pling of the network, but that sampling is 
drawn across all network segments. 

"StealthWatch' s role was to provide the 
monitoring of authorized access," Woods 
says. All external traffic is monitored by a 
previously implemented UTM (unified 



threat management) system, which pro- 
vides virus, spam, and intrusion protection 
and is treated separately from the internal 
monitoring with Lancope. 

Adding to the complexity of the internal 
network is the need to monitor a flow of 
outsiders who have legitimate reason to use 
the NFBC's network. StealthWatch allows 
NFBC to keep a sharp eye on outside 
users/contractors using the network and 
inside contractors plugging in laptops or 
other devices — all of which can introduce 
IT security risks. 

"StealthWatch even allows us to monitor 
our Guest VLAN traffic with ease," Woods 
notes. "We are in the midst of a large con- 
struction project right now, [so] we provide 
a Guest VLAN that goes through the same 
firewall, but we use the Foundry switches 
to forward the sFlow." 

That way, if a contractor's laptop has a 
virus, the traffic can still be forwarded 
without endangering the central network. 
The system will not proactively isolate the 



Right out of the box, you can satisfy any 
legal requirement to retain your email with- 
out the integration hurdles of software-only 
solutions or security and network implica- 
tions when using hosted services. You can 
search the archives and create alerts for any 
email that may violate either standard or 
custom policies. Using a sophisticated 
roles-based user interface and tamper-resis- 
tant storage, you can enforce internal access 
control policies to help comply with corpo- 
rate policies and regulatory compliance. 

The Barracuda Message Archiver takes 
advantage of Barracuda Networks' exper- 
tise in threat protection by ensuring that 
historical emails are scanned for viruses, 
spyware, and other malware threats before 
they are retrieved. Energize Updates keep 



infected computer, but Woods' staff will 
contact the person about the device. 

Woods also likes the IDentity-1000 
appliance, which directly links individual 
users with specific network events. "The 
Active Directory feature is a very handy 
tool ... I use it more than anything else," 
Woods says. 

"It gives me session information and 
machine names," he says. "I can see any 
Windows account with just a few key- 
strokes. Especially with the size of our net- 
work, it is important to be able to get that 
kind of information live, in real time." 

Smooth Implementation 

Woods also liked the ease of installation 
of the system. "The Lancope implemen- 
tation was straightforward," Woods 
says. "Since we can simply forward sFlow 
packets to a collector appliance on the 
network, installation was quick and 
easy. Conversely, a sniffer-based solution 
would require many appliances with very 
high capture capabilities to be deployed 
throughout our network." 

Two relatively new members to the staff 
work regularly with the system and found it 
easy to learn. "Even for a nontechnical per- 
son, it is easy to use," Woods says. 

Woods says StealthWatch performs the 
NBA tasks as expected. "There are other 
features that we have yet to utilize; allocat- 
ing time to this project has been our biggest 
hurdle," he says. When time becomes 
available, he looks forward to turning up 
the other features. 

"I'm confident we have a solid product 
from Lancope," Woods adds. "The Lancope 
solution is still functioning well today. . . . 
We will be looking for other products to 
marry with Lancope in the future. In the 
meantime, the intuitive interface and the Ac- 
tive Directory integration make the Stealth- 
Watch appliance an easy decision." 
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the system up to date with the most cur- 
rent policy definitions, updates to the lat- 
est document file formats needed to 
decode content within email attachments, 
and security updates against the latest vul- 
nerabilities and malware threats. 

Barracuda Message Archiver 

Starts at $4,999 with no per-user license fees 

Archive email communications sent and received by 
users throughout your organization 

(888) 268-4772 

www.barracuda.com 

^'^HARRACm 

^^•^ NETWORKS 






EALTH 
WATCH 




TM 



By Lancope 



Archived Email 
At Your Fingertips 



Lancope 
StealthWatch 

Troubleshooting tool that detects and identi- 
fies problems with the network as well as the 
hosts and users on it 

'The Lancope innplementation was straight- 
forward," says Dave Woods, manager of in- 
formation technology for the Niagara Falls 
Bridges Commission (www.niagarafallsbridges 
.com). "Since we can simply forward sFlow 
packets to a collector appliance on the net- 
work, installation was quick and easy." 



(888)419-1462 
www.lancope.com 
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Manage IT Convergence 

Find, Configure & l\/lonitor Your IT Assets & Services 
With Dorado Software Redcell OpsCenter 




Redcell OpsCenter provides one console for automatically finding 
networked assets and understanding how they're interconnected. 



A KEY PROBLEM FACING IT professionals 
is managing and monitoring their collec- 
tion of resources with multiple vendor- 
specific and disparate tools, which keeps 
IT operational costs high and the ability 
to automate tasks impossible. To prevent 
business growth from devolving into IT 
chaos, administrators need a single, con- 
solidated system they can trust. 

Dorado Software Redcell OpsCenter 
is an all-in-one management system 
designed to consolidate IT resource 
management of multivendor, multitech- 
nology networked environments. 

From one console, Redcell OpsCenter 
finds all networked assets and subcompo- 
nents; understands how they are intercon- 
nected and associated; performs heteroge- 



neous device configuration; and 
monitors the health, availability, 
and performance of your net- 
worked application infrastructure. 

Redcell OpsCenter increases 
efficiency and productivity 
while reducing administration 
costs through the automation of 
key operational tasks and intelli- 
gent monitoring of services and 
devices — in a traditional and 
virtualized multidomain envi- 
ronment that includes routers, 
switches, wireless gear, security 
appliances, servers, PCs, storage 
devices, and networked printers. 
OpsCenter provides functions such as 
automated device, link, and service dis- 
covery; CMDB inventory; health and 
performance monitoring; free-form con- 
figuration task execution; and reporting. 

Dorado Software Redcell OpsCenter 

Free trial available at doradosoftware.com/trials.html 

All-in-one management system designed to consoli- 
date IT resource management of multivendor, multi- 
technology networl<ed environments 



(916) 673-1100 
www.doradosoftware.com 



Dorado 

SOFTWARE 



A New Mindset 
For Security 

Parasoft Application Security Solution Improves Productivity 



COHTWUOUSAUWMATCD PROCESS 





r~Ji Projects/ 
k — J Appltcatioi 
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You CAN IMPROVE SECURITY without 

impeding your development productivi- 
ty. How? Establish a continuous security 
process with Parasoft Application Se- 
curity Solution. 

Parasoft solutions establish a continu- 
ous process that identifies and remedi- 
ates security vulnerabilities across every 
stage of the SDLC and ingrains security 
tasks into your team's workflow. 

The Parasoft system automatically 
monitors whether your security policies 
are implemented in the code, applied at all 
layers of the application stack, operate 
correctly in the context of realistic scenar- 
ios, and persist as the application evolves. 

It delivers a "jump start" solution for 
preventing the most likely application 



security vulnerabilities and provides an 
automated system that applies state-of- 
the-art analyses throughout all stages of 
the SDLC, testing the application from 
the inside-out and outside-in to identify 
potential vulnerabilities. 

No matter what your motivation, 
Parasoft' s unique automated infrastruc- 
ture drives your development process to 
ensure that it remains on track and does 
not disrupt the team's workflow. 

Analysis capabilities include rule-based 
static analysis, peer code review process 
automation, data flow static analysis, pen- 
etration testing, runtime analysis/mon- 
itoring, and continuous regression testing. 

Process/workflow capabilities include 
security policy development, centralized 
policy management, automated infra- 
structure, centralized reporting, and error 
assignment and distribution. 

Parasoft Application 
Security Solution 

Continuous security process tfiat identifies and 
remediates security vulnerabilities 



(888) 305-0041 
www.parasoft.com 
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lU Server - ASA 1401 i 

1 CPU, Intel Quad Core Xeon 5310, 1.6GHz 8MB 

1GB (2X512MB) 667MHz FBDIMM Installed, 

IX 80GB SATA II 7200 RPM Installed, Max - 4TB. 

IX 4 Port SATA II RAID Controller Installed. 

lU rackmount Chassis, 560Watt PS. 

4 Drive bay, Rails Included. 

Price Starting at: $1265/- 




5U Server - ASA5241i 

1 CPU, Intel Quad Core Xeon 5310, 1.6GHz 8MB 
1GB (2X512MB) 667MHz FBDIMM Installed, 
12TB (24X 500GB) SATA II Installed, Max - 24TB. 
IX 24 Port SATA II RAID Controller Installed. 
5U Rackmount Chassis, 930Watt Redundant PS. 
24 Drive bay, Rails Included. 
Price Starting at: $7345/- 




,., """nun miKiimil 



? 



2U Server- ASA2 12 li 

1 CPU, Intel Quad Core Xeon 5310, 1.6GHz 8MB 
1GB (2X512MB) 667MHz FBDIMM Installed, 
6TB (12X 500GB) SATA II Installed, Max - 12TB. 
IX 12 Port SATA II RAID Controller Installed. 
2U Rackmount Chassis, BOOWatt Redundant PS. 
12 Drive bay. Rails Included. 
Price Starting at: $4275/- 




8U Server- ASA8421i 

1 CPU, Intel Quad Core Xeon 5310, 1.6GHz 8MB 
1GB (2X512MB) 667MHz FBDIMM Installed, 
2X 80GB SATA II 7200 RPM OS drives Installed 
20TB (40X 500GB) SATA II Installed, Max - 40TB. 
2X 12 Port & IX 16 Port RAID Controller Installed. 
8U Rackmount Chassis, 1300Watt Redundant PS. 
42 Drive bay, Rails Included. 
Price Starting at: $12735/- 




3U Server- ASA3 16 li 

1 CPU, Intel Quad Core Xeon 5310, 1.6GHz 8MB 
1GB (2X512MB) 667MHz FBDIMM Installed, 
8TB (16X SOOGB) SATA II Installed, Max - 16TB. 
IX 16 Port SATA II RAID Controller Installed. 
3U Rackmount Chassis, SOOWatt Redundant PS. 
16 Drive bay. Rails Included. 
Price Starting at: $4995/- 




ASA730 1 &ASA7302-X2U-ST2 
Blade Server 

7U rack-optimized enclosure, holds 10 blades 
3+1 redundant 4200W or 6000W or 7500W 
Price Starting at: $4050/- 

For more details please call 



A 



ASA COMPUTERS, INC. 

2354 Calle Del Mundo, 
Santa Clara, CA 95064. 
www.asacomputers.CQm 
Phone - (408)-654-2901 
Fax - (408)-654-2910 



Eval Servers Available on request 



Since 1989, ASA has served customers like Cisco, Juniper, Caltech, Fermilab and most 
Universities. We provide total custom server solution with OS of your choice. Excellent 
pre-sales and post-sales support. Reliable hardware at most competitive prices. Please 
call or contact us for your next hardware purchase. 




1-800-REAL-PCS 



Efficient. 



Intel, the Intel logo, Xeon, and Xeon Inside are trademarks or registered trademarks of Intel Corporation in the U.S. and other countries. 
Price and availability subject to change without notice. Not responsible for typographical errors. All brand names and logos are trademarks of their respective companies. 
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Simplify Web Development 



Gizmox Visual WebGui For Silverlight 
Streamlines Enterprise Applications 



The development cycle of enterprise 
applications is critical for programmable 
Web plug-ins such as Microsoft Silverlight. 
A RAD (rapid application development) 
framework is one tool that can reduce over- 
all development cycles. Gizmox has devel- 
oped the Visual WebGui for this precise 
purpose, while still offering great flexibility. 

Visual WebGui is a graphical user inter- 
face that enables Microsoft Silverlight for 



rich data-centric Internet applications suited 
for enterprises. The framework introduces 
seamless integration to Visual Studio and 
offers the Web developer simplicity through 
its Windows Forms drag-and-drop interface 
design. Additionally, WebGui incorporates 
the ASP.NET deployment model and 
allows full Silverlight graphics capabilities. 

Executing complex AJAX applications 
can require a sharp learning curve; how- 



ever. Visual WebGui features server- side 
controls that function in the same manner 
as desktop application controls, effective- 
ly replacing AJAX browser controls in 
runtime. The WebGui complete control 
toolkit currently contains more than 50 
customizable out-of-the-box implemented 
for decoupled presentation in either 
DHTML or Silverlight layers. 

The user-friendly interface is easy to 
deploy for complex enterprise-level AJAX 
applications thanks to WinForms API and 
design-time support. Powerful object-ori- 
ented programming transports AJAX 
without consuming more than 1% of 
bandwidth. Visual WebGui application 
security is military-grade, as well, because 
it runs on the server, so the browser oper- 



ates as a viewing pane to the server, and 
no sensitive data is transferred. 

Gizmox Visual WebGui 

Standard Server + SDK for $1 ,500 per developer seat 
per year; Standard Silverlight extension + SDK for 
$500 per year; Standard Silverligfit Extension + 
Standard Server + SDK for $1 90 per developer seat 

per year 

Open-source RAD piatform for Microsoft Silverlight 
Web IT applications 

+972-9-7673063 



www.visualwebgui.com 



.i> Visual WebGui® 

bringing AJAX & Siiverliglit to enterprises 
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Get Cash For Your Data Tapes 

Recycling Your Media Has Never Been So Safe, Sound & Simple 




Data tapes we recycle: SDLT, 9940, 3590, LTO, AME AIT, and many others. 



Most enterprise data centers are ap- 
prehensive about recycling data tapes due to 
security. Recycle Your Media is one of the 
largest and most respected full-service data 
tape recycling companies worldwide. 



RecycleYourMedia.com is the most 
viable solution for your end-of-life data 
tapes. Recycling your media is environ- 
mentally sound and economically sensible, 
given that it can recoup IT costs. 



When recycling your data 
tapes, you need to be assured 
that the data will be destroyed 
and rendered unreadable. We 
practice the most secure meth- 
ods, complying with govern- 
mental privacy and storage 
laws. We are highly experi- 
enced in data eradication and will offer 
data destruction certificates and volume 
serial reports to ensure your sensitive data 
is irretrievable. 

Matthew Bernard, IT network manager 
at John Wiley & Sons, says, "Although 
hesitant to release my used data tapes, I 
found Recycle Your Media's data tape 
recycling service to be secure, profession- 
al, and more than I expected." 



Recycle Your Media works with Fortune 
500 firms, banks, government agencies, law 
firms, and hospitals, making us a reliable 
source for all data tape recycling needs. 

Why pay for tape shredding? Recycle 
Your Media can pay you to recycle your 
data tapes. Recycling data tapes is simple: 
Give us a call and we take care of the rest. 

Recycle Your IVIedia 

We buy all types of tapes and recycle them using 
secure and environmentally sound methods 

(877) 798-2737 

www.recycleyourmedia.com 

lecycleYourMedia 
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Manage Media Networks 

Packet Island PacketSmart-Lite Platform gn ^ 
Troubleshoots Voice & Data Networks 



PBCketSmart-LIle Senrar 



PacketSmart-Lite, an entry-level version 
of Packet Island's PacketSmart platform, is 
ideal for small and medium-sized business- 
es. PacketSmart-Lite includes everything 
needed to quickly and reliably troubleshoot 
voice/data networks for up to 10 differ- 
ent sites of 50 to 200 phones each. Each 
platform comes with a Linux-based Dell 
server fully loaded with Packet Island's pro- 
prietary PacketSmart software component 
and five compact micro appliances that 




provide sniffing 
and call genera- 
tion capability 
from each site 
remotely. Each l^ffl.-. 
microappliance ^"^^ 
can handle up to SL. 
20 concurrent 
calls. SIP, 

MGCP, and Cisco proprietary signaling 
protocols are supported. 



The PacketSmart platform provides 
convenient 24x7 remote monitoring for 
each site, allowing deep visibility into 
network issues that cause 
voice, video, and data degra- 
dation. A browser-indepen- 
dent, Java-based GUI allows 
quick retrieval of critical data, 
such as jitter, MOS, dropped 
packets, router path, traffic 
spikes/transient effects, and 
even full packet capture. 
Comprehensive reports are 
available to give you a reli- 
able and automated snapshot 
of the state of your network. 
IT administrators can use the solution to 
perform the following functions: 



• Assess data networks for VoIP readiness 

• Troubleshoot VoIP signaling issues 

• Verify LANAVAN QoS design based on 
TOS or Diffserv 

• Monitor live VoIP calls on a 24x7 basis 

• Remote packet capture with 
EtherealAVireshark compatibility 

• Monitor Top- 10 data flows 

• Generate a variety of on-demand reports 

Packet island's PaclcetSmart-Lite 

Starts at $8,000 



Troubleshoots voice/data networks for up to 10 
different sites of 50 to 200 phones each 



(408) 329-9608 
www.Packetlsland.com 



PACKET ISLAND 
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No-Hassle 

Password Management 

Cloakware's Server Password l\/lanager v3.5 Offers 
Upgraded Deployment & Integration Features 



Privileged and A2A (application-to-appli- 
cation) password management is a powerful 
way to maintain security for any company, 
yet many enterprises eschew this protection 
because of its prohibitive cost. Cloakware 
offers a more cost-effective solution to this 



issue with the release of CSPM (Cloakware 
Server Password Manager) version 3.5. 

CSPM is a Shared Account Password 
Management platform designed to support 
data centers of various types, including mul- 
tisite, heterogeneous, and high-volume cen- 



ters. CSPM is designed to offer ensured 
high availability in distributed networks and 
improved integration with homogeneous 
data centers, all without disrupting the sys- 
tem or causing downtime. 

CSPM utilizes streamlined deployment 
options, improved integration into existing 
environments, scalability, and availability to 
help companies improve compliance, pro- 
tect confidential data, decrease system 
downtime, and reduce operational costs. 

CSPM allows regular password changes 
and password policies to be applied to serv- 
er-based accounts. It eliminates hard-coded 
passwords by removing the need to share 
passwords with developers, so the problem 
of needing to create a new password doesn't 
require redeployment of applications. 



Other features of CSPM include reliabili- 
ty across multiple sites and plug-and-play 
application server support. Deployment 
options enable one CSPM deployment to 
act as a primary core with support for multi- 
ple remote data centers. 

Cioal(ware Server Password 
iVIanager v3.5 

Server password manager with high availability, 
easy integration, and broad deployment options 



(703) 752-4830 
www.cloakware.com 



cloakware 

datacenter solutions 
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On-Demand Load Testing 

AlertSite Provides SaaS Testing To Improve 
Web Site Stability Before Launch 



Response Time per URL 
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AlertSite's On-Demand Load Testing offers immediate 
reports. 

Web sites are launched every day, but 
it's likely many have little or no idea if the 
site will be able to handle the loads it will 
encounter. The result is many Web sites 
experiencing errors that could have been 
avoided with some robust load testing. 

AlertSite addresses this need with the 
release of On-Demand Load Testing, a 
SaaS (software as a service) application 
that is designed to offer businesses quick, 
simple, and intuitive load testing that 
simulates actual user loads. On-Demand 
Load Testing is designed to help compa- 
nies identify scalability issues, bolster the 
infrastructure, and prevent site crashes so 
customers never experience downtime. 

By leveraging AlertSite's DejaClick 
technology, which simplifies the testing, 
design, and setup processes, virtually 



any user can build and deploy a load 
test easily and review the results 
quickly. Users can log on from any- 
where in the world and quickly test. 
There is no need for learning a 
scripting language or acquiring spe- 
cial equipment software or extra 
personnel, which saves companies 
money. 

On-Demand Load Testing works 
by simulating Web traffic from 
thousands of simultaneous users. 
Once the test is complete, the results 
are instantly generated into an on- 
demand report that shows a break- 
down of Web site performance over 
time. Users can test URLs at any time, 
indicate the number of concurrent virtual 
site visitors, and even specify the time of 
day when automatic testing is per- 
formed. Users can reuse the scripts that 
are created from this process at any time 
and as often as needed. 

AlertSite On-Demand Load Testing 

Pay as you go; prices vary according to needs 

On-demand load testing for Web sites to improve 

stability 



(877) 302-5378 
www.alertsite.com 
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Cost-Effective Network 
Monitoring 

Effective Troubleshooting With Paessler's 
PRTG Network Monitor V7 




Paessler's PRTG Network Monitor V7 offers an 
easy-to-use interface for more streamlined management. 

Administrators are under constant and 
increasing pressure to troubleshoot and 
prevent network problems faster, and they 
need a streamlined solution with an inter- 
face that is simple to use. 

Paessler's PRTG Network Monitor 
version 7 is designed to offer admins a 
cost-effective, easy-to-use method of 
ensuring network availability that reduces 
costs and saves time. It' s designed to pre- 
vent outages, optimize connection perfor- 
mance, and control service-level agree- 
ments. 



The software offers enhancements to 
automate network monitoring and report- 
ing tasks, as well as the ability to leverage 
best practices for optimal configuration 
and analysis. Features include Auto-Pilot, 
a feature that constantly scans network 
segments for new devices and automati- 
cally determines device types and config- 
ures appropriate sensors for them, and 
preconfigured device templates that offer 
alarm and warning limits for standard 
devices. PRTG 7 also features extended 
support for more than 30 sensor types to 
monitor service, analyze network traffic, 
and track user behavior on the network. 

The intended benefits include being 
able to identify out-of-the-ordinary traffic 
or usage patterns to quickly learn about 
the issues and act to resolve them. 

Paessler PRTG 
Networl^ IVIonitor V7 

Starts at $295 for 100 sensors 



Network monitoring software that promises low cost 
and ease of use 



(503) 345-9257 extension 826 
www.paessler.com 
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Enhanced CA Records 
Management Solution 

Helps Companies Streamline Records-Keeping Processes 




CA Records Manager provides access to all content through a single 
interface 



CA Records Manager rl2 is the latest 
version of the company's tool to help 
enterprises automate record-keeping 
processes. The program is designed to 
give users faster access to information, 
save time and money, and facilitate com- 
pliance with regulatory requirements and 
organizational policies. This new version 
delivers increased functionality with its 
records retention and disposition module, 
a localizable Web client, and added fea- 
tures to enhance the user experience. 

CA Records Manager rl2 is also certi- 
fied by the United States DoD (Depart- 
ment of Defense) against the newly updat- 
ed version 3 of the U.S. DoD 5015.2 stan- 
dard, which provides for greater data 
security and integrity. Because of its long 
history of early and successful standards 



adoption, CA was the first to 
certify against the new, more 
stringent standard. 

"One of the most important 
new features in Records 
Manager rl2 is the creation 
of an enhanced retention 
module that is an interface to 
perform all administrative 
tasks related to retention and 
disposition," says Reed Irvin, 
vice president of product 
management for CA. "Addi- 
tionally, this release also delivers signifi- 
cant enhancements focused on creating 
transparency, declaring records more 
efficiently, improving the user experi- 
ence, and applying policy on all content 
across the enterprise. For instance, new 
scripted email notification capabilities 
are designed to send an email notifica- 
tion to selected recipients when your 
specific defined criteria are not met 
within a specified time frame." 

CA Records IVIanager r12 

Records management solution designed to help 
enterprises improve efficiency, automate processes 
and reduce risk 



(800) 225-5224 
littp://www.ca-ig.com/ 
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Premium Data Center- 
Class Storage 

ONStor's Cougar 6000 NAS Gateways Offer High Performance 

& Power Efficiency 



On top of scalability, compa- 
nies need storage with high 
availability and high perfor- 
mance. ONStor's Cougar 
6000 series of NAS gateways 
is designed to meet the needs 
of large enterprises and data- 
intensive environments, yet 
make it affordable for mid- 
range companies, as well. 

The Cougar 6000 series is 
designed to deliver growth 
flexibility and the ability to 
meet changing storage needs 
without disrupting business as 
usual with ONStor's Ever- 
Scale redundant modular architecture, het- 
erogeneous storage virtualization, and 
advanced multicore storage network pro- 
cessors. 

The "cluster-in-a-box" design of the 
Cougar 6000 series is designed to enable 
companies to meet service-level agree- 
ments with a device that leaves a small 
footprint and saves energy. Yet the open 
data center-class networked storage appli- 
ance can scale up to 4PB (petabytes) and 
400KH- SpecSFS Ops cluster. 

The Cougar 6000 series can help reduce 
costs by allowing customers to leverage 
the storage they presently have, which 




bulks up their storage capacity 
without jettisoning their previ- 
ous data center investment. 

The Cougar 6000 series 
includes centrally managed 
and provisioned open storage, 
a compact and energy-effi- 
cient solid-state design, and 
64-bit multicore pipelined 
network processor architec- 
ture. For high availability, the 
NAS gateways offer an 8- 
node cluster, 32 virtual serv- 
ers per cluster, eight GigE 
ports, eight EC ports per filer, 
and other advanced features 
such as n-way clustering and pooled stor- 
age management. 

ONStor Cougar 6000 NAS Gateways 

Starts at $122,500 (includes NAS management 
software) 

A data center-class storage offering designed for 
cost and energy savings 

(408) 963-2400 

www.onstor.com 

ONStore) 

Storage Solutions for the Content Generation 
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Mixed 
Messages 

Social Engineering & Unprotected 
Data Plague Enterprise Email 



by David Geer 

The threats to enterprise email are 
many. Social engineers use bogus emails 
to dupe employees into breaking securi- 
ty. Employees unwittingly send messages 
they shouldn't, which contain important in- 
formation. Email snoopers 
snap up unencrypted mail in 
transit. Employees forward 
email off the network to 
unsecured devices and con- 
sumer Web mail applica- 
tions to work off-hours. 
And, finally, enterprises 
themselves implement cor- 
porate Web mail access 
without proper security 
measures. 

However, by auditing the 
network carefully, adopting 
clever email policies, edu- 
cating employees in street 
smarts and common sense 
around vulnerabilities, and 
countering with security 
technologies, SMEs will 
address most threats. 

Email Traps & Hazards 

Social engineering — a 
type of attack that leverages 
employee trust to break secu- 
rity — is an SME's No. 1 
email security vulnerability, 
according to Randy Abrams, director of tech- 
nical education at ESET (www.eset.com), a 
leading anti-malware software vendor. 
Emails asking users to click links or log in to 
their banks are prime examples. 

"By simply clicking a URL in an email, a 
user could infect their system without real- 



users to log in to bogus representations of 
their banking sites, only to record their 
passwords, access their accounts, and steal 
their identities for profit. 

Attackers have developed the latter form 
of social engineering, commonly called 
phishing, into spear phishing — emails that 




appear to come from trusted sources inside 
the employee's enterprise. The attackers 
target these emails at stealing intellectual 
property or confidential data from the spe- 
cific company, according to Gene Spafford, 
executive director of CERIAS (Center for 
Education and Research in Information 



Educate users about the dangers of email 
so they don't succumb to social engineering 
or carelessly release confidential data. 



izing anything has happened," says Chad 
Loder, director of engineering at Rapid? 
(www.rapid7.com), a network security soft- 
ware vendor. Email-based links entice 



Assurance and Security) at Purdue Univer- 
sity (www.cerias.purdue.edu). 

Data leakage, another serious vulnerabili- 
ty, happens when employees forward 



important data by email. People who aren't 
authorized to do so or who simply don't 
know the information is private may trans- 
mit important documents, account informa- 
tion, or passwords out of the network to 
parties who shouldn't be privy, according 
to Spafford. Employees who want to work 
remotely forward email off the network to 
unsecured BlackBerrys or Web-based mail 
accounts such as Gmail, where it is suscep- 
tible to compromise, according to Loder. 

Still another form of data leakage occurs 
when messages and traffic aren't encrypt- 
ed, exposing them to snoopers who listen 
in on connections and retrieve or change 
the emails' contents. By changing key 
information and sending it on to its desti- 
nation, snoopers cause companies to make 
pivotal decisions based on errant data, 
Spafford explains. 

Corporate Web mail is a weakness in the 
email security chain, according to Loder. 
SMEs providing remote Web-based email 
access for their users often 
require only usernames and 
passwords for access, Loder 
explains. Users log in to 
these accounts from home 
computers, laptops, or pub- 
lic computers in cyber cafes 
or hotels, exposing their 
passwords to family mem- 
bers or strangers. 

Protective l\/leasures 

One of the best ways for 
an SME to discover its 
vulnerabilities is through 
self-audit, according to 
Spafford. SMEs should 
audit policies for rules that 
circumvent email vulnera- 
bilities. If rules and means 
of enforcement don't ex- 
ist, the enterprise may be 
vulnerable. 

Healthy policies address 
appropriate email usage and 
specify what employees 
should do with questionable 
messages. "Policies should 
specify that employees don't open certain 
kinds of attachments and don't click on 
embedded Web links," Spafford explains. 

Educate users about the dangers of email 
so they don't succumb to social engineer- 
ing or carelessly release confidential data, 
Spafford continues. Make sure they under- 
stand the technology behind the threats so 
they can apply common sense to their email 
usage, adds Stephan Mueller, lead evalua- 
tor at Atsec Information Security (www 
.atsec.com). 

Consider data leak prevention tools that 
scan messages and attachments for confi- 
dential information and stop it before it 
leaves the organization. Encrypt emails and 
message traffic to stop snoopers who read, 
alter, or capitalize on messages sent in 
plain text, says Spafford. 
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Get a handle on outbound mail. Configure 
firewalls to block outbound connections to 
TCP port 25, which the SMTP protocol uses 
for outbound mail transfer, explains Loder. 
Then, permit a limited number of designated 
company mail servers to make outbound 
SMTP connections. 

Monitor that outbound mail to see who is 
automatically forwarding mail off the net- 
work to handheld devices and Web mail 
accounts, which are not under the enter- 
prise's control. Sensitive emails that are 
forwarded this way are at the mercy of the 
protections, or lack thereof, of those 
devices and services, warns Loder. 

Develop and enforce policy to stop or 
secure email-forwarding behavior. If SMEs 
don't provide employees with what they 
need to do their jobs, they will find a way 
to circumvent policy to do it. If they are 
forwarding email in order to have 24/7 
access for working anytime and anywhere, 
provide them with a secure solution that 
enables this, Loder suggests. 

For SMEs that use a remote Web mail 
server, two-factor authentication is a good 
technology for securing that remote 
access, according to Loder. Add another 
factor of authentication to usernames and 
passwords, such as requiring the user to 
type in characters presented in an image 
file. This will prevent phishers who steal 
only passwords from gaining access. For 
BlackBerrys and other devices, add email 
encryption on-the-wire and on the device, 
Loder advises. 



Top Vulnerability: 
Employee Email 
Behavior 



Randy Abrams, director of technical educa- 
tion at ESET (www.eset.com), a leading anti- 
malware software vendor, believes that an 
employee who exercises naive email behav- 
ior at home — opening attachments and click- 
ing embedded links — will transfer that behav- 
ior to work, exposing the enterprise to the 
same kinds of threats. 

"Security isn't simple," Abrams explains. As 
products evolve to address vulnerabilities, 
the bad guys will be working on ways to skirt 
them. Their methods will be rooted in social 
engineering. 

"The only truly effective solution for social 
engineering is an educated and thinking em- 
ployee," Abrams concludes. "The enterprise 
can't simply give users a checklist of 'Dos 
and Don'ts' and expect everything to be done 
right. They have to understand the concepts. 
When they understand the concepts, they 
can see variations on social engineering at- 
tacks." Then, they can exercise good and in- 
tuitive judgment to avoid entrapment. 



Save 
Yourself 
Time 



When you post a free Want-To-Buy 
or For-Sale Listing at Processor.com, 
you save more than time, Hundreds 
of the nation's leading computer 
dealers will see your posting and 
let you know if they have the 
equipment you are lool<ing for, 
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Storage At Risk 

Continued from Page 1 
(www.ibm.com), adds that many SMEs run 
Windows Server or Unix environments 
with few security measures, such as authen- 
tication, because they can be complex and 
difficult to implement. 

Lock It Down 

According to Kevin Daly, CEO of iStor 
Networks (www.istor.com), data is vulner- 
able in only two situations: when it's in 
transit and when it isn't. Vulnerabilities 
surrounding data in transit originated when 
organizations moved from internal storage 
(DAS, or direct-attached storage) to net- 
work-oriented storage (NAS and SANs), 
and while IP-based network storage cer- 
tainly can be vulnerable, Daly says data in 
transit can be effectively protected by prac- 
tices and policies. 

Data at rest, on the other hand, is another 
story. Assuming an enterprise configures a 
first level of defense by setting up and 
maintaining access permission structures to 
create a control structure for who can and 
cannot access data, there remains the issue 
of what happens when the data comes to 
rest on a physical hard drive. A straightfor- 
ward way of preventing unfettered access to 
this data, Daly says, is encrypting it before 
it goes on the drive. But he says that even 
those who are willing to live with the steep 
performance hits caused by encryption 
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don't always use encryption because of the 
consequences — such as loss of data — of any 
errors while using it. 

"There is a light at the end of this partic- 
ular tunnel, however," Daly says. "Disk 
drive manufacturers are beginning to pro- 
vide drives that encrypt and decrypt the 
data in the drive. This addresses many — but 
to be honest, not all — of the issues associat- 
ed with protecting data at rest on disks. It is 
not common yet, but its use will be grow- 
ing, and it will significantly mitigate the 
vulnerability of disk-based data." 

Daly recommends several "first-order 
actions" that organizations can take to pro- 
tect themselves against storage vulnerabili- 
ties: Organize data to limit the use of (and 
access to) sensitive, critical, and valuable 
data; use systematic permission structures 
and access control lists; centralize the stor- 
age of critical data as much as possible; use 
VPNs where possible; minimize or elimi- 
nate the use of removable media; encrypt 
drives wherever possible (particularly in 
mobile devices); design (or redesign) the 
backup and restore process with security in 
mind; and train and educate all users about 
their responsibilities for data security. 

Don't Forget Policy 

There's a rising tendency to rely on tech- 
nology to address storage-related security 
issues, but some experts feel that policy- 



making and employee awareness are simi- 
larly effective in keeping storage secure. 
Jame Ervin, product manager for DNF 
Security (www.dnfsecurity.com), says that 
employees are the first line of defense 
against data breaches. 

"Many of the widely publicized security 
breaches involved a loss of physical control 
over the data — stolen laptops, missing back- 
up tapes, and so on. In many cases, employ- 
ees could have added an additional layer of 
protection with password-protected comput- 
ers or backup tapes. Organizations should 
have a defined policy for access to data 
leaving the premises and for data inside the 
office and act accordingly," Ervin says. 

There are three key requirements to 
implementing an effective storage security 
policy, says Gary Brown, director of storage 
solutions for Forsythe Solutions Group 
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(www.forsythe.com). First is executive 
sponsorship of the security policies, policy 
enforcement, and continuous auditing of 
policy effectiveness, followed by the identi- 
fication of the stakeholders and owners of 
the security policies. These people must 
accept their roles to participate and respond 
to inquiries and requests in a timely manner. 

Finally, "You need to architect a data 
protection environment that can support the 
policies and that is flexible enough to sup- 
port potential future requirements," Brown 
says. "This includes selection of both soft- 
ware solutions and physical hardware that 
will support policies, protection, perfor- 
mance, and availability of information. Too 
often, we see organizations look at storage 
hardware devices that provide storage func- 
tionality but may never support a good stor- 
age security policy." 



Top Vulnerability: Data Leaving The Building 



Data within tine walls of an 
enterprise can be locked 
down with heaps of security, 
but as soon as it leaves those 
walls, it's up for grabs. Lap- 
tops, PDAs, smartphones, 
USB key drives, portable 
hard drives, backup media, 
and other items often hold 
plenty of sensitive company- 
related data that can create 



big trouble if it ends up in the 
wrong hands. 

"It is emotionally difficult for em- 
ployees to appreciate that a 
one-half-ounce, $20 thumb 
drive can hold enough informa- 
tion to cost the organization 
millions of dollars in losses, 
disruptions, and fines, but it 
can," says iStor Networks CEO 



Kevin Daly (www.istor.com). 
He recommends using encryp- 
tion to protect drives in mobile 
devices and to protect backup 
media. He predicts that all 
portable business devices will 
eventually have encrypted 
storage devices, but in the 
meantime, organizations must 
use what's available to protect 
data leaving the building. 



The Build vs. Buy Debate 



Continued from Page 1 
the responsibility, as well as the risk for a 
complex electro-mechanical construction 
project," says Michael Wilkes, president 
and chief disambiguator for Dynamic An- 
swers (www.dynamicanswers.com). 

The lucky ones either already have or 
can find on the market a secure, well-air- 
conditioned building with redundant 
Internet pipes. All they have to do, then, is 
fill it with racks and servers and tie it into 



a network. But much of the time, you end 
up having to take care of the myriad 
details yourself. 

"If you do the whole thing, it will include 
planning the building completely, from site 
selection and permitting through county 
inspection and occupancy requirements," 
notes Wilkes. 

If you purchase an existing building, 
you'll need to weed out properties that 
don't have the special features needed for a 



Comparing Building vs. Buying Data Center Space 



Build: 

• When you have loads of data to back up that 
require plenty of babysitting 

• When your overall space and load requirements 
are substantial 

• When your environment requires rigorous 
management 

• When you have plenty of IT resources internally 

• When you already have an experienced internal 
team skilled at facility construction 

• When your data has to be kept so secure that 
even the most diligent colocation doesn't qualify 
to host it 



Buy: 



When you need to eliminate upfront 

costs linked with building a data center 

When you need to accurately predict 

total data center costs 

When you lack IT resources internally 

When you want to focus on core 

competencies 

When you want to add the latest 
blades and servers but are unable to 
come up with enough power or cooling 



data center. That eliminates locations that 
don't have high enough ceilings, those that 
have limited power capacity, and facilities 
that have so many entrances that physical 
access security becomes a nightmare. 

Buying At A Colocation 

The alternative to building, of course, is 
buying space in a colocation, or leasing 
equipment and space. This can vary from a 
single rack to a large cage with row upon 
row of racks. 

"When you put your equipment alongside 
someone else's (caged or not), you are colo- 
cating," says Wilkes. "On the expensive 
side, you can have several cages of leased 
equipment that are managed by others. On 
the cheap side, you can have one of your 
own servers that you manage remotely." 

Whenever you need something that 
exists in both quantity and variety, Wilkes 
believes you should seriously question 
your need to build it yourself. "If you are 
not in the business of creating highly com- 
plex technical solutions and you think you 
can build a data center better and/or 
cheaper than a data center expert, there 
might be something in your drinking 
water," he says. "If you get the blueprint 
wrong, you could end up with enough 
Internet capacity to run NASA but only a 
thimbleful of disk space." 



A couple of visits to data centers illus- 
trates this point. One SME built its own 
data center in an older facility. Unfor- 
tunately, the airflow for the room is inhibit- 
ed by huge concrete ribs that run perpen- 
dicular to the cold air vents. The result is 
that new blades sit uninstalled, as there 
isn't enough cooling or power to cope. 

In comparison, a different facility fea- 
tures row after row of densely packed 
racks. Its buildings have vast reserves of 
power and cooling, more than any customer 
can possibly consume. 

Size Matters 

It's impossible to say that a smaller com- 
pany should buy and a larger one should 
build, or vice versa. "The rationale of build 
or buy does not change with size, but the 
ROI tipping point does," says Wilkes. "At 
some increase in size (server count, staff 
count, or other metric) the per capita cost 
tips toward ownership instead of renting. 
There is a substantial risk with technology, 
however, and that can cause you to under- 
estimate the total ownership cost." 

Factors to consider when thinking about 
owning the whole enchilada, then, are 
architecture and site planning, build-out 
cost, equipment purchase cost, equipment 
upgrade cost, building maintenance, staff 
training, and increased HR overhead. 
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Aggressive Non-Delivery 
Report Spam Combat 

SonicWALLs Email Security 6.2 Offers Complete 
Inbound & Outbound Email Protection 



Spam is the enemy of every network 
administrator; it clogs inboxes, creates 
unnecessary traffic, and can deliver mal- 
ware. Although measures at the client level 
can combat these dangers, preventing spam 
from reaching desktops is a powerful way to 
keep your network secure. 



SonicWALL Email Security 6.2 is 
designed to combat spam and backscatter 
messages with its new BATV (Bounce- 
Address-Tag-Validation) feature. When 



the BATV function is activated, it combats 
NDR (Non-Delivery Report) spam by dis- 
cerning a legitimate NDR message from 
an NDR spam message and dropping the 
connection from the spam's server. 

When an outgoing message is sent, it is 
tagged with a private key; when NDR 
messages are received, the tag is checked 
for validity. As SonicWALL processes 
both in- and outbound traffic, this tag 
checking can be done seamlessly for both 
the customer and end users. 

Other features of Email Security 6.2 
include enhanced language capabilities, 
including Dutch, French, and Swedish; 
improved visual representation of perfor- 
mance metrics for easier monitoring by 
administrators; and simplified licensing, so 



a user can choose the SonicWALL Email 
Security appliance or software system that 
best fits an organization's needs. For exam- 
ple, subscription services can be purchased 
in user packs of 25, 50, 100, 250, 500, 750, 
1,000, 2,000, 5,000, or more as needed. 

SonicWALL Email Security 6.2 

ES-200: $1,395; ES-300: $1,995; ES-400: $3,995; 
ES-500: $5,995 



An email security offering that is part of SonicWALL's 
comprehensive antispam and email security package 

(888) 557-6642 



www.sonicwall.com 



SONICWALL 
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Outside 

The Perimeter 



Remote Access Opens A Can 
Of Security Worms For SMEs 



by Kurt Marko 

Networked computing is the lynchpin of 
today's IT environment, and the ubiquity 
of public broadband networks allows the 
corporate network to extend anywhere 
employees can reach the Internet. Remote 
access has blurred the lines between the 
office and home, corporate LAN, and Wi- 
Fi hotspot, but the convenience comes at 
the price of manifold threats to network 
security. Yet with proper network design, 
event monitoring, user account manage- 
ment, and security policies, remote access 
needn't constitute an open invitation to 
hackers; IT managers can still provide the 
convenience users want with the security 
management expects. 

Major Vulnerabilities 

One of the biggest vulnerabilities John 
Kindervag, network security analyst at 
Forrester Research, sees at many compa- 
nies is also one of the most fundamental: a 
poorly designed network architecture that 
doesn't properly partition remote clients 
from internal LANs. Segmented networks 
facilitate a layered defense strategy where- 
by traffic can be thoroughly inspected for 
malware or other attack vectors prior to 
accessing trusted internal resources. 

Aggravating vulnerabilities exposed by 
improper network design can be firewall 
and VPN configurations that are too per- 
missive. VPNs are the heart of any remote 



access solution, yet Kindervag 
says many companies don't 
consider the security implica- 
tions of various VPN options 
such as split tunneling. 

Peyton Engel, a technical 
architect and security special- 
ist at CDW (www.cdw.com), 
highlights that a lack of con- 
trol and oversight over remote 
user accounts and their access 
rights can represent a hidden 
threat. He says it's common 
for IT departments to focus on 
procedures for establishing 
remote access accounts but to 
forget tools and processes 
designed to remove access for 
those who no longer require it. 

Another common practice 
that can expose a business to 
unnecessary risk is granting all 
remote users the same network 
privileges. It's important to 
understand the user communi- 
ty before implementing remote 
access, says Engel, who adds 
that "IT should pay close 
attention to the principle of 
least privilege . . . don't grant 
people more access than they need." He 
finds many companies granting remote 
users, whose systems are subject to many 
more threats, the same access rights 
as those on internal networks. Engel 



recommends users get only the level of 
access required for their applications and 
no more; for example, if a road warrior on 
a BlackBerry mainly checks email and his 
calendar, he doesn't need unfettered access 
to the entire corporate LAN. 

Detection & Prevention Measures 

Mitigating and preventing remote ac- 
cess threats involves best practices like 
those used for any other IT security issue, 
says Kindervag, beginning with a risk 
management program. A formalized risk 




management strategy can drive more 
detailed activities such as network vul- 
nerability scanning, penetration testing, and 
policy development, he adds. Once specific 
network vulnerabilities are discovered, a fol- 



Top Vulnerability: Poor Network Design & Split Tunneling 



Like building a house, running a secure remote 
access networl< requires detailed planning and a 
solid foundation. Perhaps the biggest vulnerabili- 
ty SMEs face is having a poorly designed net- 
work and loose security configuration. According 
to John Kindervag, network security analyst at 
Forrester Research, many enterprises don't ade- 
quately segment remote networks, which have 
much greater risk exposure, from their core 
internal LANs. A basic tenet of secure network 
design is partitioning LANs into zones of differ- 
ent security and, most importantly, segmenting 
external traffic from internal networks. Traditional 
Internet firewall design illustrates this principle; 
however, Kindervag often sees customers 



bridging remote VPNs directly into office net- 
works with no inten/ening router filtering, firewall, 
or intrusion detection system. He notes that an 
encrypted VPN does nothing to prevent compro- 
mised client PCs from spreading malware. By 
terminating VPN connections on a separate net- 
work, traffic from external systems to internal 
servers can be thoroughly inspected for attack 
signatures and malware. 

A related and equally common practice that can 
increase a network's exposure is split tunneling, 
or the ability of VPN clients to bridge between 
the secure VPN link and their local, unsecured 
LAN. With many employees having home 



networks or mobile users accessing a VPN from 
public Wi-Fi hotspots, split tunneling can allow 
an outside system to effectively act as a router 
for any external network to which it's attached. 
Unfortunately, disabling the local network when- 
ever a PC has a VPN connection is a major 
inconvenience for employees relying on network 
printers or NAS file shares. It also means that all 
traffic bound for the public Internet routes 
through the company's WAN instead of their 
local broadband connection. For these reasons, 
Peyton Engel, a technical architect at CDW 
(www.cdw.com), says companies are rethinking 
their bans on split tunneling, preferring to add 
other layers of defense as countermeasures. 
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low-up gap analysis is necessary to uncover 
where existing security measures are inade- 
quate and to serve as a roadmap for new 
policies and controls to plug security holes. 
He notes that risk management and vulnera- 
bility assessment are ongoing processes, not 
tasks: "There's no end game for security." 

Due to the specialized skills involved in 
performing a thorough penetration analysis, 
as well as the constantly evolving threat 
environment, Engel says that at least some of 
the vulnerability testing is best done by out- 
side experts. Ongoing network scanning with 
a number of services providing 
perimeter network probes is 
also advisable, according to 
Engel, while Kindervag recom- 
mends IT consider adopting 
security risk and compliance 
management software. 

In order to gain control over 
remote access users, Engel 
says it's important to consoli- 
date and integrate user account 
databases. He also highlights 
the importance of vigilant net- 
work monitoring to securing 
remote access networks. Event 
detection and correlation soft- 
ware, also known as security 
information management sys- 
tems, can be powerful tools in 
automating this task, accord- 
ing to Engel. He notes that 
remote access gateways can 
produce a multitude of infor- 
mation; however, without an 
automated means of culling 
through the data, it can be dif- 
ficult to spot compromised 
systems or external attacks. 

Wireless networks present 
additional challenges for IT 
security managers both when 
used within the office and by 
mobile employees accessing public Wi-Fi 
hotspots. Fon-ester analyst Chris Silva notes 
that wireless LANs significantly expand the 
"footprint" of internal networks because 
their radios are likely broadcasting to loca- 
tions impossible to predict without a 
detailed RF site survey. As with VPN con- 
nection, Silva says it's advisable to partition 
wireless LANs from internal wired net- 
works and to configure wireless controllers 
to detect and disable rogue access points. 

Given the ease with which compromised 
mobile clients can spread malware to the 
rest of the enterprise via a VPN connection, 
Silva says companies should consider 
deploying NAC (network access control) to 
ensure that remote systems meet standard 
security criteria before accessing internal 
networks. Should a client's system fail the 
security check, perhaps with an out-of-date 
antivirus database or no personal firewall, 
NAC systems can still allow them limited 
connectivity, typically via an isolated 
"quarantine" DMZ (demilitarized zone), 
while protecting the corporate LAN. 
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Serious Storage 

Mercury Rack Pro Offers Easy Integration, High Performance 



When you need data storage with maxi- 
mum reliability, quality, and performance, 
Mercury Rack Pro solutions from OWC 
(Other World Computing) will exceed your 
needs. OWC has been providing quality 
hardware products and support since 1988, 
and the Mercury Rack Pro is no exception. 
It's available in sizes up to 4TB with drives 
that are striped (RAID 0), striped and mir- 
rored (RAID 0-Hl), or JBOD (Just a Bunch 
of Drives). With a variety of models featur- 





ing FireWire 800, FireWire 400, USB 2.0, 
and/or eSATA interface ports. Mercury 
Rack Pro solutions provide seamless inte- 
gration into your data center. To cut down 



on the cable clutter, port multiplier versions 
for the eSATA Rack Pros are also available. 

Mercury Rack Pro solutions include a 
standard two-year warranty or an Enter- 
prise option with a five-year warranty, one 
year advance cross ship, and one year 
level one tech support. Designed to meet 
the performance demands of video and 
audio production, OWC Mercury Rack 
Pro provides data transfer rates of more 
than 115Mbps. All models are tested and 
suitable for audio/video and are Prosoft 
Engineering Data Backup and NovaStor 
NovaBACKUP certified. 

OWC Mercury Rack Pro features: 

• Up to 4TB of storage 

• FireWire 800/400, USB 2.0, and/or 
eSATA ports 



• Available with port multiplier options 

• Connecting cables included 

• Mac and PC compatible 

• Up to five-year warranty 

OWC Mercury Rack Pro 

Starts at $629.99 

Data storage ideal for Mac or Windows operating sys- 
tems, with RAID 0, 0+1 , and JBOD options available 

(815) 333-5008 

www.macsales.com/firewire 

other World Computing 



owe 



Serving the Computer Universe sinte 1 988 
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Security 
Conundrums 



Desktops & Laptops 
Alike Can Pose Risks 

by James Cope 

• ■ • 

There are among us those lucky workers 
who still use computers in physical offices 
rather than toting laptops to and fro. Even so, 
the idea that desktop-based computers are 
more secure because they stay behind the 
physical facilities of your company is often 
based on wishful thinking. 

Door alarms and outdoor lighting may 
help business owners feel protected come 
closing time, but the computers inside the 
office building are far from secure, according 
to Peter Evans, vice president of marketing 
for IBM Internet Security Systems (www.iss 
.net) in Atlanta. And because of desktop con- 
nections to the Internet, email from outside 
the company, and employees syncing hand- 
held devices to their desktops, the business 
"perimeters are still very porous," Evans 
says. Add to that the risks associated with 
teleworking, and SMEs have some serious 
security concerns on their hands. 

Physical Security: A l\/latter Of Vigilance 

Whether they use laptops or desktop PCs, 
employees need to be aware of the first rule 
of computer security: vigilance. "All too 
often, users assume that no one would steal 
their computer," says Mike Flannelly, a 
spokesman and product manager for 
Computer Security Products (www.com 
putersecurity.com) in Nashua, N.H. 
Flannelly says the majority of computer 
thefts "are crimes of opportunity," both 
inside and outside the office. 

Consider open office environments. 
In companies where visitors often come and 



go without escorts, there's nothing to stop an 
enterprising thief from packing up an unat- 
tended laptop or even a 
compact desktop comput- 
er from an open cubicle. 

It doesn't take much to 
avoid these types of thefts, 
Flannelly says. If you 
have an office with a door, 
close and lock it. Other- 
wise, a simple cable lock 
that tethers the computer 
to the desk is usually 
enough to dissuade the 
casual thief. Encouraging 
absent employees to put 
laptops in a desk drawer 
(preferably one that locks) 
is another simple solution. 
Even an inventory label 
on the front of a desktop 
PC is often enough to 
make someone think twice 
about heisting it. For para- 
noid desktop users, there 
are locking cases that help 
prevent theft of the 
innards — removing the 
hard drive, for example. 

Laptops at airports and 
in parked cars are easy 
pickings for both professional and casual 
thieves, Flannelly says. Encourage your 
employees who remove their laptops from 
the office to keep them close by and 
assume that someone can and will steal it 
given an opportunity. 

Finding & Fixing Data Leaks 

From desktop to network to server — 
whatever the path — today's malicious soft- 
ware coders and social engineers are no 
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longer interested in fame like the hackers of 
just a few years ago. Instead, they're after 
high-value data, which equates to money. 

"Anywhere you have [more than] 500 peo- 
ple in more than one office, data resides with 
multiple people," says Yankee Group Re- 
search Fellow Laura DiDio. That can make 
unattended desktop computers sitting ducks. 

"Walk in with a USB drive and plug it 
into the USB port. That's a real risk," says 
Darrell Rodenbaugh, senior vice president 
of the midmarket segment for McAfee 
(www.mcafee.com). The same thing is true 
for small desktops and laptops that aren't 




Top Vulnerability: Security Management 
& User Awareness 



A recent study by McAfee 
(www.mcafee.com) con- 
cludes that 39% of SMEs 
surveyed in the U.S. "spend 
just one hour per week pro- 
actively managing IT securi- 
ty threats." That isn't surpris- 
ing, given that many of the IT 
people working for SMEs are 



over-tasked as it is. One 
solution, aside from buying 
security training for existing 
IT personnel and giving them 
the cycles to actually man- 
age security in the SME, is 
to insist on simple automat- 
ed desktop tools and have 
a contract security pro do 



enterprise risk assessments 
at regular intervals. And in 
the absence of enterprise- 
wide security controls, anoth- 
er positive step is to estab- 
lish user policies and con- 
duct training sessions on 
acceptable computing behav- 
ior across the company. 



locked to a desk: They can walk out the 
door with very little help. 

Less obvious are phishing scams that 
direct users to fake Web sites that look like 

Be sure that automatic 
and set to download 

the real thing but install malware that looks 
for company data and personal information. 

Other potentially leaky data pipes that 
concern Evans are the online social net- 
works. He says, "There is a whole universe 
of workers coming into the workforce who 
will start using these tools to do business. 
The challenge you have is that the new gen- 
eration . . . isn't really cognizant of the risks 
they introduce to the business." Not only do 
these tools offer channels for sharing com- 
pany data with people outside of the compa- 
ny, but they also present new ways for 
"Trojan horses to get into the buildings." 

Evans says that smaller companies are 
not immune to data leakage, because the 
effort by sophisticated malware coders and 
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those who specialize in malicious intru- 
sions is automated and global. "It [mal- 
ware] doesn't care if it's a small business 
or a big business, because these tools [used 
by data thieves] are automated," he says. 

SMEs should caution employees to not 
leave running computers unattended and to 
keep desktops physically secured, put in 
place policies about sharing passwords, and 
establish guidelines on what online tools 
are permissible for office use. 

Applying Patches 

While major vendors of desktop operating 
systems and applications 
automate updates and 
patches that plug security 
holes discovered by infor- 
mation security analysts, 
security software vendors, 
and even by hackers, it 
doesn't mean they're ap- 
plied to all desktops rou- 
tinely. The solution is rela- 
tively obvious: Be sure that 
automatic updates on desk- 
top machines are turned on 
and that they are set to 
download patches and 
apply them when the com- 
puter itself is on and con- 
nected to the network. 

There are some things in 
particular to look for when 
it comes to updating appli- 
cations. Setting automatic 
updates for Microsoft 
Windows, for example, 
doesn't necessarily mean 
that the user will receive 
updates for the Microsoft 
Office applications auto- 
matically. You need to turn 
on automatic updates to the applications, too. 

And don't set applications to update on a 
wholesale basis. Full updates sometimes 
contribute to software bloat and slow down 

updates are turned on 
and apply patches. 

applications. Generally, enterprise man- 
agers can customize the update settings to 
avoid applying unnecessary changes. Ask 
the question: Does the update fetch and 
install important or critical security patches 
and application changes that improve 
the performance of an application, or is 
the recommended update one that may in- 
stall optional fluffy features that a user 
may not need? 

In small enterprises, it may be necessary 
to routinely visit desktops to ensure that 
they have the latest critical software 
updates installed. As a part of the process, 
ensure that updates and desktop scans for 
antivirus and antispyware applications are 
set to take place automatically. 
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Enterprise-Class Backup 
& Recovery 

Zmanda's Amanda Enterprise 2.6.4 Offers Powerful Protection 
With Easy Administration 



Easy-to-understand reports help administrators track events. 

As THE NEED FOR available data increases, 
budgetary and staff costs can prohibit 
some SMEs from acquiring or effectively 
managing backup and recovery products. 
They need backup and recovery apps that 
are easy and quick to install, are simple to 
manage, and have all the functionality an 
enterprise needs, all at a low cost. Am- 
anda Enterprise is Zmanda's effort to pro- 
vide a solution to this problem. 

Amanda Enterprise 2.6.4 is the latest 
iteration of the software, an open-source 
product that uses only standard formats 
and tools instead of proprietary products. 
Backups can be made to a single Linux 
or Solaris master backup system from 
multiple systems. Supported platforms 
include Windows, Linux, Solaris, and 
Mac OS X. 



Other new features of Amanda 
Enterprise include online backup 
support for Microsoft SQL Serv- 
er, Microsoft Exchange, and Ora- 
cle databases and protection for 
Windows Active Directory. The 
software can restore a variety of 
hardware and virtual environments 
and uses Microsoft's Volume Sha- 
dow Copy Service to ensure relia- 
bility during hot backups so data 
access won't be impacted. 
Amanda Enterprise supports a variety 
of backup media and methods. Data and 
archives can be stored on disks, tape, opti- 
cal devices, or online storage services. 
The Department of Homeland Security 
has certified it is free of security defects. 

Zmanda Amanda Enterprise 2.6.4 

Starts at $100 per backup server; 
clients start at $100 each 

An open-source backup and recovery application 
that features low cost of ownership and easy 
management 



(408) 732-3208 




www.zmanda.com 
zmanda 

Open Source Backup 
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Green Data Destruction 



D3's New DSeraSE Service 




Data destruction and green recycling 
efforts are often at odds with one anoth- 
er. Now, thanks to the new D3eraSE ser- 
vice from D3 (Digital Data Destruction 
Services), IT managers have another 
option for securely destroying data with- 
out permanently destroying the media 
on which it is stored. 

DSeraSE is a Tier 4 electronic data 
destruction process that permanently 
removes all data stored on a hard drive 
or flash media in such a way that data 
recovery is impossible, yet the media is 
reusable. Because the D3eraSE service 
is more secure than simply overwriting 
the data, the NIST (National Institutes of 
Standards and Technology) classifies 
D3eraSE as acceptable for confidential 
documents. D3eraSE has also been 
accepted by the Department of Defense 



for use with media containing data that's 
labeled as secret information. 

In contrast with Tier 3 destruction or 
Department of Defense Directive 
5220.22 triple-pass overwriting, 
which leaves the opportunity for up 
to 10% of the data to be forensically 
recovered, the D3eraSE Tier 4 ser- 
vice eliminates the possibility of 
forensic recovery. 

D3eraSE's Tier 4 services provide a 
less extreme alternative to Tier 5 data 
destruction services that completely disas- 
semble, degauss, and recycle hard drives. 
Plus, because media is still usable after 
using the D3eraSE Tier 4 service, cus- 
tomers can save thousands of dollars by 
reusing their existing stock of hard drives 
and flash media. 

Digital Data Destruction Services 
DSeraSE 

Permanently erases data on storage media, making 
the media reusable and rendering data recovery 
impossible 



(715) 372-6700 
www.d3services.com 
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Real-Time 
Threat Detection 

Intellitactics Security l\/lanager Streamlines Incident Handling 
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Intellitactics Security Manager can provide reports to validate 
compliance with regulatory standards, Internal policies, and 
Industry best practices. 



Known for delivering a hoUstic view 
of all the components within an IT infra- 
structure, Intellitactics increases the num- 
ber of logs and devices that can actively 
be managed by any organization. Its flag- 
ship product, Intellitactics Security 
Manager, consolidates and analyzes data 
from security devices, operating systems, 
and applications to provide real-time 
threat detection, historical analysis for 
forensics, and compliance reporting. 

Security Manager centralizes security 
information and automates log aggrega- 
tion, security event management, action- 
able alerting, and incident response. 
One-click alert assessments and simple 
drill-down to the parsed and raw events 
provide contextual details for any alert. 



enabling IT to streamline incident 
handling and providing reports that 
verify and validate compliance with 
regulatory standards, internal poli- 
cies, or industry best practices. 

Intellitactics' AIR (Active Integra- 
tion and Response) program provides 
for the expansion of the security 
ecosystem through integration with 
leading-edge security products that 
leverage Intellitactics Security Man- 
ager's analysis of data sources. Se- 
curity Manager's analytical engine 
generates notifications of threats. The 
integration of Security Manager with 
complementary security technologies pro- 
vides the security team with a more com- 
plete picture and helps to better protect the 
enterprise and comply with regulatory 
standards by simplifying the ability to 
monitor, analyze, take action, and report 
on security-related events. 



intellitactics Security IVIanager 

Consolidates and analyzes data from security 
devices, OSes, and applications 



(877) 746-7658 
www.intellitactics.com 



Intellitactics 
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OfficeBlade 
(SBE-710Q) 





SuperBlade® 
(SBE-710E) 





DatacenterBlade 
(SBE-714D) 



OfficeBlade™ Features: 

• Super low noise - SOdB with 10 DP blades 

• Energy efficiency - 93% efficiency power supply, 
DDR2 memory 

• Density & performance - 10 DP blades with 20 
Quad-Core Xeon processors per 7U enclosure 

• Ease of Use - easy set up with remote 
management tools 

• Flexibility - two or four 100-240VAC power supplies, 
optional small racks with door and air filter, optional 
Gigabit Ethernet switch or pass-through module, etc. 

• High availability - N+1 redundant power supplies, 
redundant modules - chassis management, Gigabit 
Ethernet switch or pass-through module 

• High-performance storage - 2x SAS/SATA drives per 
server blade with RAID 0, 1 

SuperBlade'^ Features: 

• Highest computing density (Up to 40 CPUs, 160 
Processor Cores, and 640GB memory for 4-way 
version SuperBlade®) 

• Fastest and Most Cost-Effective Networking Solution 
(Infiniband QDR support) 

• High Efficiency Power for Earth-Friendly Operations 
(93% power efficiency with highly effective cooling 
subsystem design) 

• Outstanding Storage Flexibility (Up to 60x 2.5" HDDs 
in 7U for Storage Blades) 

• Peace of Mind via Remote Management 

• Unsurpassed TCO 

DatacenterBlade™ Features: 

• High density - 14 DP blades in 7U enclosure; up to 
672 processing cores in standard 42U rack 

• High performance - up to 0.27 GFIops/watt * 

• Energy efficiency - 93% efficiency power supplies 
and native DDR2 memory instead of FBD memory 

• High availability - N+1 redundant power supplies 

• Ease of Use - easy to set up with remote manage- 
ment tools 

• Flexibility - two or four 100-240VAC power supplies 

• High-performance storage - 3x SAS/SATA drives per 
server blade with RAID 0, 1, 5, 10 



WIR€DZON€ 



:om 



"Reliable Technology, Delivered Fast" 
Toll Free (888) 343-1311 

2008 Wiredzone.com, Inc. Specifications and price subject to change witliout prior 
notice. All other brands and names are the property of their respective owners. 
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Messaging & Telephony 
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Complete Email & 
Collaboration Server 

PostPath Ensures Ongoing Service In The Event Of A Failure 
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PostPath Server High Availability Edition v2 is a drop-in 
alternative to Microsoft Exchange. 

PostPath Server High Availability 
Edition v2 is a complete email and col- 
laboration server that is a drop-in alterna- 
tive to Microsoft Exchange and incorpo- 
rates multiple measures to ensure ongo- 
ing service in the event of a failure in the 
underlying hardware or network sys- 
tems. It consists of a multiserver bundle 
with one or more instances of the prima- 
ry PostPath Server that act as the mail- 
box email server(s) during normal opera- 
tion, plus a redundant server to take over 
in case of primary server failure. 

The PostPath Server uses a "continually 
consistent" file-based data store. By 
exploiting the performance and capabili- 
ties of native server file systems, PostPath 



Server enables the use of the open 
and standards-based high-availabili- 
ty tools leveraged in PostPath 
Server High Availability Edition v2, 
simplifying the implementation and 
management of email services. 

New features to version 2 expand 
the number and types of high avail- 
ability configurations supported. 
These include the choice of shared 
or replicated storage configurations, 
on or offsite redundancy configura- 
tions, synchronous or asynchronous 
replication configurations, virtual 
HA support, the ability to configure 

hot or cold failover, and support for 

Web mail and mobile devices. 
PostPath Server High Availability 
Edition v2 is the latest addition to the 
PostPath Server family, a line of email 
servers that are network-protocol inter- 
operable with the Exchange ecosystem. 

PostPath Server 

High Availability Edition v2 

Starts at $4,000 for 60 users, including native Outlook, 
ActiveSync, BlackBerry support, and redundant server 

Email and collaboration server that can serve as a 
replacement or supplement to Microsoft Exchange 



(650) 810-8100 
www.PostPath.com 
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Protect Online Apps 

Imperva SecureSphere Web Application Firewall 
Helps Businesses Protect & l\/lonitor Sensitive Data 




Web application attacks can produce 
devastating results ranging from high- 
profile data breaches to brand damage, 
lawsuits, and fines. 

The Imperva SecureSphere Web Ap- 
plication Firewall is an accurate, effec- 
tive Web application firewall. The 
SecureSphere WAF protects online 
applications against sophisticated appli- 
cation-level attacks such as SQL injec- 
tion and cross-site scripting, prevents 
theft and leakage of data from online 
applications, and meets the PCI DSS 
(Payment Card Industry Data Security 
Standard) section 6.6 application securi- 
ty requirement. 

The SecureSphere Web Application 
Firewall helps businesses better protect 
and monitor their applications and sensi- 
tive data. Imperva' s Dynamic Profiling 
technology automatically builds a model 
of legitimate behavior and adapts to 
application changes over time, keeping 
SecureSphere' s application defense up 



to date and accurate without manual 
configuration or tuning. 

Deployed in minutes with no changes to 
the existing infrastructure, SecureSphere 
protects and monitors the complete appli- 
cation stack from the individual applica- 
tion to the server and network. Imperva' s 
Transparent Inspection technology deliv- 
ers multigigabit performance, submillisec- 
ond latency, and options for high avail- 
ability that meet the most demanding data 
center requirements. For large-scale 
deployments, the SecureSphere MX 
Management Server centralizes and 
streamlines configuration, monitoring, 
and reporting. 

The SecureSphere Web Application 
Firewall leverages multiple inspection 
layers and security defenses to provide 
the highest level of protection. 

Imperva SecureSphere 
Web Application Firewall 

Starts at $17,500 

Protects online applications against sophisticated 
attacks such as SQL Injections 



(650) 345-9000 
www.lmperva.com 
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Eliminate PBX Headaches 

Replace Your Traditional Hardware PBX 
With The Feature-Packed 3CX Phone System For Windows 
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3CX Phone System includes a Web-based interface 
for configuration and presence status notification. 

Break free from proprietary phone sys- 
tems and move up to an open standard IP- 
PBX that increases employee productivity 
and costs less. Enable staff mobility with 
calls that can be made and answered 
seamlessly from outside the office and 
voicemail and faxes received via email. 
Globalize your business by connecting 
branch offices and redirecting local cus- 
tomer service numbers via the Internet to 
your phone system at negligible cost. 

3CX Phone System for Windows is a 
software-based IP-PBX that replaces a 
proprietary hardware PBX. It supports 
most SIP phones, VoIP gateways, VoIP 
service providers, and PSTN phone lines. 
It is easy to manage as it integrates well 
with Windows network infrastructure. 



The advanced phone system sup- 
ports call switching, routing, and 
queuing; scalability to unlimited 
extensions and phone lines; easy 
management with Web-based con- 
figuration and presence status indi- 
cation; unified messaging; auto 
attendant; and configurations for 
many VoIP providers. The new ver- 
sion also ships with call conference 
rooms, Windows 2008 support, pag- 
ing/intercom, and other features. 

3CX Phone System comes in four 
editions, all supporting an unlimited 
number of extensions. The Free edition 
can handle eight simultaneous calls; the 
Small Business edition supports up to 
eight; the Pro up to 16; and the Enterprise 
up to 32. Commercial editions have an 
extensive feature set, and call capacity can 
be expanded with upgrade packs. 

3CX Phone System Version 6.0 

Free edition available; Small Business Edition starts 
at $595 



Software-based IP-PBX phone system with call 
switching, routing, queuing, and many other features 

(800)687-0903 

www.3cx.com 
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Super Network 
Management 

Entuity's EYE Can Increase Effectiveness & Productivity 




At a glance, IT staff can view the status of the network 
from the Eye of the Storm dashboards. 

To drive profitability, today's net- 
works must offer configurations and 
architecture that support a broad range of 
initiatives for business service manage- 
ment and service delivery. Entuity's Eye 
of the Storm (EYE) is a network manage- 
ment tool that dispenses the information 
IT operations personnel need to sustain 
real-time business imperatives, optimize 
the capacity and performance of network 
resources, and support the variety of oper- 
ating systems within an organization. The 
newest release, EYE 2008 Service Pack 2, 
adds a number of features. 

EYE 2008 SP2 includes support for 
current heterogeneous devices, including 
the Cisco SSL Proxy module and client 



support on Windows Vista. To help net- 
work managers and architects visualize 
and author network topology in a geo- 
graphical content, the new EYE software 
suite includes an EYE Connectivity 
Viewer to add background images and 
export maps in Microsoft's Visio format. 
The new features let IT staff superimpose 
network models or troubleshooting dia- 
grams over maps or schematics. 

EYE 2008 SP2 also features expanded 
router protocol awareness that lets EYE 
automatically discover HSRP-active rout- 
ers and their peers, collect performance 
data, present reports, and deliver alerts on 
operational anomalies and thresholds. The 
real-time reports and alerts let IT staff 
proactively optimize the operation of 
high-availability networks. With script- 
able device renaming, EYE 2008 SP2 
helps automate workflows to fit the strate- 
gies of network admins and power users. 

Entuity Eye of the Storm 

Starts at $50,000; current customers get SP2 free 

Helps IT staff Increase productivity by automating 
processes for business service management 



(800) 926-5889 
www.entuity.com 
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Easier Database 
Monitoring & Auditing 

Tizor Systems Mantra 6 Helps You Reduce Risk & Regain Control 



pass a compliance audit. Tizor Systems 
Mantra 6 enables enterprises to regain 
control of critical data, IT budgets, and 
Most companies do not have a complete personnel resources, 
inventory of their databases or the types of Mantra' s architecture balances techni- 
data that exist within them. This lack of cally sophisticated analytical capabilities 
visibility creates risks that could lead to with an intuitive user interface and easy- 
insider abuse, data breaches, or failure to to-use policy language. Mantra 6 features 



include automated discovery for finding 
databases and specific classes of sensitive 
data; session termination for blocking 
unauthorized or suspicious database activ- 
ity; and drag-and-drop policy creation for 
the fastest and easiest implementation of 
data auditing for risk mitigation. 

Mantra 6 automates discovery tasks, 
quickly finding and classifying databases 
and the data within them to provide 
unprecedented visibility into the location 
of data assets, type of data assets in use, 
and potential risks to those assets. 

Mantra's policy language allows techni- 
cal or nontechnical users to create detailed 
compliance and security policies without 
the long learning curve typically associat- 
ed with these tools. 



Mantra 6 includes: 

• Automated, best-in-class data discovery 

• Non-inline blocking 

• Drag-and-drop policy creation and poli- 
cy wizards 

• Behavioral Fingerprinting 

• Content scanning 

• Unstructured data 

Tizor Systems Mantra 6 

Provides real-time auditing, monitoring, and reporting 
of critical data assets 



(978) 243-3200 
www.tizor.com 
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High-Performance Security 

WIN Enterprises' PL-60760 Series Secures 
A Variety Of Networking Applications 



Efficient and effective networking of 
devices, offices, and employees is vital to 
the success of any business, but it must 
also be secure. Getting a host of secure 
networking options in one package goes a 
long way toward that goal. The PL-60760 
series of network security appliances 
from WIN Enterprises sports a bevy of 
features all packed into a lU rackmount 
form factor. 



The PL-60760 platform is ready-made 
to be deployed for applications such as 
IDS/IPS, firewalls, VPN gateways, NACs, 
and UTM (unified threat management). 
The time-to-market is designed to be as 
short as possible, so OEMs can put the 
appliance to use quickly. 



Features of the PL-60760 appliance 
include four GbE ports with optional bypass 
options; four 10/100 Ethernet LAN ports; 
and a port each for USB, RS-232, and Mini 
PCI. System memory can be configured up 
to 4GB via DDR2 sockets. The device also 
has two PCI-X slots, a 16x2 LCM display, a 
four-button keypad, and an easily remov- 
able cover. The PL-60760 also sports one 
E-ATA and two SATA connectors and 
CompactFlash types I and II and operates 
on the Intel Socket 479 Core 2 Duo/Core 
Duo processor with the Intel 3100 chipset. 

Supported operating systems for the 
PL-60760 include Windows 2003/XP/XP 
Pro/Vista as well as Linux distributions 
including Fedora/8, Redhat Enterprise 
Linux 5, and Cent OS 5. 



Available configurations include the PL- 
60760A and PL-60760B. The former has 
four GbE Copper interfaces, while the lat- 
ter has four SEP ports. There is also a con- 
trol board version, the MB-60760, which 
also has four GbE and 10/100 LAN ports. 

They can be customized to specifications 
and feature customer-specific bezel designs. 

WIN Enterprises PL-60760 

PL-6076A: $617; PL-6076B: $766 

A networl< security appliance with short time-to-marl<et 
that can be customized for OEMs 



(978) 688-2000 
www.win-enterprises.com 
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Same Great Information, 

NEW LOOK 

Our new, easier-to-read home page allows you to 
quickly find the information you need. 




Encryption 
isn't just for 
Secret Agents 



The ABS-Secure Backup System 

AES Full Disk Encryption 




www. cmsproducts. com 
800-327-5773 
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Product of the Week 



The Defrag Experts 



Diskeeper 2008 Dominates With InvisiTasking 
& Real-Time Defrag Features 



by Chris A. MacKinnon 

Busy small to midsized enterprises 
sometimes don't think about disk fragmen- 
tation until it's almost too late. Sluggish 
systems caused by fragmentation are not 
appreciated even at the best of times. In 
fact, Michael Materie, director of product 
management at Diskeeper (www. diskeeper 
.com), says disk fragmentation is a major 
impediment to storage performance wheth- 
er you are using local IDE and SATA 
drives, direct-attached SCSI disks in a 
RAID, or even SAN-attached disk arrays. 

Well-Oiled 

According to Materie, defragmenting 
disks is as vital as changing the oil in your 
car. "If you neglect the regular oil changes," 
he says, "after a while, your gas mileage 
deteriorates and eventually the engine blows 
up. It's very similar with fragmentation. 
Fragments accumulate over time, slowing 
down the computer until some time down 
the road, the computer starts to hang, and 
applications freeze up." 

Materie says the realized benefits of 
defragmentation include faster and more 




'tl) Diskeeper 
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Diskeeper 2008 

Description: Defragmentation software that 
automatically maximizes system performance 
and reliability 

Interesting fact: Diskeeper once appeared in 
a question on the game show "Jeopardy." 
Q: "Diskeeper is software to do what?" 
A: "What is defragment." 

(818) 771-1600 
www.diskeeper.com 



productive users and computers; fewer calls 
to the help desk due to performance or relia- 
bility issues; longer drive life span due to 
less wear and tear; and computers that per- 
form better, which can delay the high 
cost of purchasing new systems by 
months or even years, according to an 
IDC study. In addition, he says if you're 
running a virtual system or SANs, you'll 
save on the need to upgrade and add 
more new hardware, as the current hard- 
ware will operate more efficiently. 

"Fragmentation starts at the file sys- 
tem level," Materie says. "The file sys- 
tem then has to generate additional 
unnecessary I/Os for each of the frag- 
ments and pass these into the storage sub- 
system. The result is increased overhead 
for the storage system to handle, and with 
the disk drives as the weakest link in a 
computer, the more wasted effort that has 
to channel through the disk, the slower the 
overall system will be." 

Because many SMEs use virtual ma- 
chines, Materie says it's also important to 
know that virtual machine environments 
compound fragmentation, as excess I/O 
generated by one VM (virtual machine) 
also affects the other VMs on the system 
that are sharing the same hardware. "It's 
vital to defragment virtual machine host 
systems as well as all the guest systems," 
he says. 

The Benefits 

Tons of defragmentation software are 
available to SMEs, so what is it about Dis- 
keeper 2008 that sets it apart? Materie says 
it's a technology at the core of Diskeeper 
called InvisiTasking. "InvisiTasking is a 
technology that allows Diskeeper to defrag- 
ment with zero overhead on a computer," he 
notes. "In past years, customers noted that 
defragmentation was resource-intensive and 
interfered with production. Scheduling a 
defrag process to nights and weekends 
worked in some cases but not others and cer- 
tainly added management overhead to IT 
staff." Diskeeper defragments in the back- 
ground invisibly so that systems can perform 
at a maximum without consuming extra re- 
sources. Gone are the days of defragmenting 
after hours in the enterprise. 

Materie says to address customer feed- 
back, Diskeeper pioneered various options to 
throttle the software's resource usage or run 



defrag only while screen savers were active, 
but none of these additions truly solved the 
customer problem. "Our lead engineers then 
went a step deeper and really investigated the 
NT Thread Scheduler used by the Win- 
dows operating system to allocate system 
resources to running processes," he notes. 
"That research noted significant drawbacks 




in relying on that 
methodology to support what we 
wanted to provide our customers: invisible 
background operation. Bom of that research 
project was InvisiTasking." 

Materie says rather than letting the 
operating system scheduler allocate the 
entire computer system to each process 
one at a time in round-robin fashion, 
InvisiTasking causes the system to allo- 
cate its various resources (CPU, memory, 
disk, and network) separately to the 
processes that need each one. He says this 
allows overlapping use of separate re- 
sources, not just reducing system over- 
head but eliminating it altogether. 

"The addition of InvisiTasking to the 
Diskeeper product several years ago revo- 
lutionized the defragmentation industry," 
Materie notes. "We knew we had a fantas- 
tic innovation and are now licensing the 
technology to other software manufacturers 
(see www.invisitasking.com), so they can 
revolutionize their respective industries 
with zero-overhead solutions." 



Automatic Improvements 

Another aspect that sets Diskeeper apart 
from its competitors is the fact that it's an 
automatic defragmenter. "With Diskeeper, 
files are defragmented on the fly using 
technology that allows that entire process 
to be completely invisible. It's important to 
delineate an automatic defragmenter from a 
manual or scheduled defragmenter because 
they are not the same," Materie says. 
"Automatic means that after installing the 
software, all defragmentation operations 
are handled automatically without any fur- 
ther management effort required. That 
equates to faster and greater ROI, especial- 
ly over the long term." 

Materie says yet another unique 
Diskeeper feature is I-FAAST (Intelligent 
File Access Acceleration Sequencing 
Technology), which optimizes placement 
of your most important data. This results 
in additional file read and write perfor- 
mance above defragmenting alone, typi- 
cally a 10 to 20% improvement, he says. 

Since July 22, 1981, Diskeeper (for- 
merly known as Executive Software) has 
sold more than 30 million Diskeeper 
licenses to home users and large enter- 
prises for speed and reliability on 
Windows-based laptops, desktops, and 
servers. Materie says some of the most 
common benefits that SMEs can expect 
to experience after installing the soft- 
ware include faster boot and load times 
and faster backups and antivirus scans. 
He says users will also typically notice 
boosted access times for Microsoft 
Outlook, Excel, or Word applications. 
In terms of reliability, Diskeeper also 
increases computer uptime and can extend 
a computer's life span up to three years. Q 

\ 

Essential Benefits 
Diskeeper Provides 

The following information, gathered from 
254 Diskeeper customers, breaks down 
the benefits that customers get from using 
the Diskeeper product. The percentages 
are based on what customers said about 
each benefit. 

Transparent defrag runs unnoticed: 78% 

Reliability restored: 77% 

Pushes system performance to its peak: 71 % 

Saves money and time: 71% 

Eliminates costly hardware upgrades: ....71% 

Extreme condition defragmentation: 62% 

Defends critical system files 

from fragmentation: 61% 

Speeds up virus scan and bootups: 35% 
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of ttie data center 
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The All-ln-One Search at Processor.com 
nnakes it easy to research the products and 
technologies that are most important to you. 
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1 . Go to Processor.com. 
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Clients 



■ IBM has unveiled two new products in 
its InfoSphere data management portfolio: 
InfoSphere Information Server and Info- 
Sphere MDM Server for PIM (Master Data 
Management Server for Product Infor- 
mation Management). MDM Server for 
PIM provides companies with the capabili- 
ties to distribute product information 
throughout the organization in order to 
streamline data management strategies. 
Enhancements include an improved user 
interface, improvements to the underlying 
technology, and easy integration with 
solutions based on a service-oriented 



architecture. The software is integrated 
with InfoSphere Information Server, so 
customers can take advantage of its data 
cleansing capabilities. InfoSphere Inform- 
ation Server is designed for banks, manu- 
facturers, and retailers and helps companies 
better understand their customers. Features 
include extended global support for eight 
languages, improved grid deployment, and 
reusable services for data access. 



■ With today's push to "go green," one 
place businesses can start is by reducing 
their overall print waste. Kyocera Mita 
America announced two print management 
products provided by Equitrac. Equitrac 
Office and Equitrac Express work to sim- 
plify print-copy tracking and provide enter- 
prises insight into document output vol- 
umes. The programs are available as an 
Equitrac Embedded program on select 
Kyocera MFPs or as a terminal-based 
offering. Equitrac Office is targeted toward 
enterprises and lets employees print secure- 
ly while administrators track print activity 
and costs. Equitrac Express is designed for 
educational or other institutions that charge 
users for using the printer. 



■ Lenovo has released the ThinkPad X301 
notebook with a 13.3-inch display, weigh- 
ing less than 3 pounds and measuring about 
1 inch thin. The X301 comes in 64GB or 
128GB storage options and offers nearly 
20% better performance over the previous 
X300 notebook through the use of DDR3 
memory and Intel Core 2 Duo processors, 
Lenovo states. Additionally, the X301 
includes new support for DisplayPort, a 
VGA connection, options for high-speed 
mobile broadband and Wi-Fi, and Blue- 
tooth and Ultra- Wideband technology. 



Additionally, Lenovo says it has improved 
uplink performance by up to 250% for 
models with AT&T mobile broadband over 
previous ThinkPads. Models with WiMAX 
will start selling later this year. The 
X301 starts at about $2,599. 



Messaging & Telephony 



■ SECNAP announced the Email Archiv- 
ing feature for its Email Security Gateway 
Powered by SpammerTrap. The Email 
Archiving enhancement enables clients to 
archive both incoming and outgoing mail, 
and it's compatible with nearly all messag- 
ing systems, including Microsoft Ex- 
change, Lotus Notes and Novell Group- 
Wise. The Email Archiving feature is avail- 
able with ENT- and GEM-model gateway 
appliances, as well as Premier-level hosted 
services. It provides user-convenient 
archiving with optional remote storage 
through add-on hot-swap storage or net- 
work-attached storage. Separate configura- 
tions are available for incoming and outgo- 
ing messages. The Email Archiving feature 
also facilitates compliance with federal reg- 
ulations, such as the Sarbanes-Oxley Act. 



■ Sherpa Software released version 4.2 of 
Mail Attender for Exchange, which offers 
improved PST management. Mail Attender 
is a scalable content-management solution 
that automates the scheduling of common 
policies from a central location. The soft- 
ware helps companies address email man- 
agement, storage, and compliance require- 
ments that relate to regulations such as 
Sarbox, the new amendments to the Federal 
Rules of Civil Procedure, and others. 
Version 4.2 can automatically scan the 
contents of existing PST files and utilize a 



proprietary weight mechanism to determine 
the owner/mailbox. Mail Attender version 
4.2 helps address compliance demands by 
accessing PST files, managing them, 
assigning the PST to a user, and moving the 
PST contents into that user's archive. 



■ VoSKY has released what it calls the 
industry's first Skype-certified, enterprise- 
grade PBX-to-Skype gateway for SIP net- 
works. The plug-and-play VoSKY Ex- 
change Pro VISIP-EX is designed to let 
medium-sized and large enterprises get full 
value out of an IP PBX by connecting an IP 
PBX to Skype to reduce telecom costs and 
enhance communications within business- 
es, as well as offer interoperability with all 
of Skype' s features and services. The 
VISIP-EX integrates with any existing IP 
PBX using SIP trunk ports and adds up to 
30 lines for Skype use, letting users make 
and receive Skype calls from their regular 
office phones with no additional Skype 
software or headsets. VoSKY Exchange 
also gives administrators complete control 
of Skype within the network. 



Networking & VPN 



■ VPN-l VE (Virtual Edition), an applica- 
tion designed to protect applications within 
virtual environments, is now available from 
Check Point Software Technologies. 

VPN-l VE is designed to restore the sepa- 
ration and security of applications and does 
so as if they were still on separate servers. 
Other features include the ability to com- 
pletely integrate a customer's Check Point 
security infrastructure so Check Point 
appliances and software for open servers, 
"Secured by Check Point" appliances, and 
Go to Page 18 
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There are endless ways to cool down. 

But not all of them make the most sense for you. 

when you're in a tight hot spot, the CMl 2 from MovinCool is your best option. The CMl 2 is 
a ceiling-mounted, self-contained packaged air conditioner that has 1 0,500 Btu/h of cooling 
and runs off standard 1 1 5V, 1 5 amp electric. At just 1 5.5 inches tall, the CMl 2 can fit into 
tight drop ceiling spaces, making it perfect for small server rooms or anywhere floor space is 
limited. And since the CMl 2 is quick and easy to install, you'll save hundreds in labor costs 
and have more time to play in fountains if you'd like. 





■ 

CMl 2 Classic and Classic Plus Series 

To learn more about 
our complete line of spot air conditioners 
visit movincool.com or call 

800-264-9573 



Office Pro Series 



MCVINCOOL. 

THE #1 SPOT COOLING SOLUTION 

A division of DENSO Corporation 



©2008 DENSO Sales California, Inc. MovinCool and Office Pro are registered trademarks of DENSO Corporation. 
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Handle Multiple Users & 
Email Addresses 

InterVations' MailCOPA Email Software Simplifies Email 



InterVations MailCOPA updates all shared email users in real 
displaying critical message information. 

Checking various email addresses of 
co-workers or looking through your own 
accounts can often be a time-consuming 
burden. InterVations MailCOPA v. 9 is 
a multiuser email program for Windows 
that can help you manage multiple email 
addresses. If you have a team of em- 
ployees using multiple email addresses 
on multiple computers, MailCOPA 
ensures that all emails are secure, stored 
centrally, and available immediately to 
the people who need to access them. 

MailCOPA can bring together each 
employee's emails from multiple ac- 
counts and make it easy to share emails 
across the network. MailCOPA lets a 



time, 



team of employees answer mes- 
sages without the risk of emails 
being answered multiple times 
by different workers. MailCOPA 
updates all shared email users in 
real time, displaying information 
about which messages have been 
opened or replied to. The pro- 
gram provides a simple, efficient 
way to manage help desk tickets, 
technical support requests, and 
any information stream from 
clients and prospects. 

The interface is customizable, 
and you can create macros and 
templates to personalize corre- 
spondence. Messages can be threaded for 
easy viewing or locked to ensure they 
won't be deleted. 

InterVations MailCOPA 

Starts at $39.95 for a five-user, single machine 
license; 30-day trial version available 

Manages multiple email addresses, ensuring emails 
are secure and centrally stored 

(508) 833-1660 

www.mailcopa.com 
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Instantly Search 
Terabytes of Text 



idtSearch 





Instantly Seaixh f 
Terabytes ofText 




♦ dozens of indexed, unindexed, 
fielded data and full-text 
search options (including 
Unicode support for hundreds 
of international languages) 

♦ file parsers / converters for 
hit-highlighted display of all 
popular file types 

♦ Spider supports static and 
dynamic web data; highlights 
hits while displaying links, 
formatting and images intact 



♦ API supports .NET, C-n-, Java, 
databases, etc. New .NET 
Spider API 
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he Smart Choice for 
Text Retrieval® since 1991 



♦ "Bottom line: dtSearch manages a terabyte of text in a single 
index and returns results in less than a second" - InfoWorld 

♦ "For combing through large amounts of data," dtSearch "leads the 
market" - Network Computing 

♦ dtSearch "covers all data sources ... powerful Web-based engines" 
- eWEEK 

♦ dtSearch "searches at blazing speeds" - Computer Reseller News 
Test Center 

See www.dtsearch.com for hundreds more reviews, 
and hundreds of developer case studies 
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Continued from Page 1 7 
VPN-1 VE can be managed from a single 
interface. Possible benefits of VPN-1 VE 
include secure virtual environments tai- 
lored for VMware ESX or ESXi; elimina- 
tion of the need for additional security 
appliances; and strengthened auditing, 
compliance, and risk management. 



■ ForcelO Networks has announced an 
increase of the C-Series deployment with 
the FlexMedia line card for network opti- 
mization. The combination of copper and 
fiber Gigabit Ethernet interfaces and 10 
Gigabit Ethernet offers a traffic tool that 
requires no new significant investments. 
Additionally, the FlexMedia line card sup- 
ports 36 to 384 line-rate Gigabit Ethernet 
ports. This cost-effective option guaran- 
tees line-rate throughput and continuous 
availability via the line card. Through the 
C-Series support for FTOS, process errors 
will not impact other processes. According 
to Cindy Borovick, research vice president 
for IDC's Data Center Networks service: 
"The flexibility provided by the combina- 
tion of Gigabit and 10 Gigabit Ethernet 
interfaces on a single line card is an effec- 
tive way for network managers to maxi- 
mize the capacity of their switches given 
current needs, as well as anticipated future 
needs." 

■ SolarWinds announced the latest version 
of its Orion APM (Application Perfor- 
mance Monitor) software, which lets users 
keep tabs on network performance. Orion 
APM v2 lets administrators tasked with 
maintaining the IT infrastructure view 
reports and monitor network elements, such 
as servers and applications. New features 
include expanded out-of-the-box templates 
and agentless architecture, the AppBuilder 
Wizard to help users generate custom 
application monitor templates, end-user 
experience monitoring. Universal WMI 
Performance Monitors, and the Perfor- 
mance Warning System. The Orion APM 
v2 starts at $2,995 for 50 monitors. 



Physical Infrastructure 



■ Cyber Switching announced the EMC 
(Enterprise Management Console) with 
Virtual PDU (power distribution unit), 
which will be released in December. The 
software helps users manage and monitor 
devices that are deployed in remote 
and/or multiple locations. The EMC soft- 
ware lets you auto-discover, manage, and 
monitor all Cyber Switching products 
connected to your network infrastructure 
from one intuitive IP-based management 
interface without introducing additional 
hardware into your network infrastruc- 
ture. The Virtual PDU allows the user to 
create a PDU that combines the real ele- 
ments and functionality of separate PDUs 
into a single, user-managed "virtual" 
interface. It also allows the user to catego- 
rize outlets based on common or intended 
use rather than physical location. 



■ Eaton has introduced Pulsar M uninter- 
ruptible power supplies designed for energy 
savings and heat containment. The Pulsar 
M features the hot-swappable FlexPDU 
that frees up space in normally dense racks. 
You can replace or service the UPS without 
disrupting the power connection. Eaton 
offers the 2200 and 3000 VA models that 
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include various depth sizes ideal for multi- 
ple rack enclosures. Both VA models fea- 
ture the following: USB ports, serial ports, 
contact ports, mini-terminal block, RPO 



(Remote Power Off), ROO (Remote ON/ 
OFF), HP OpenView integration, and 
optional SNMPAVeb network management 
card. Additionally, the 3000VA XL model 
supports 12 battery packs and remotely 
reboots systems using Eaton's Powershare 
technology. 



Security 



■ The new basic topcoat module for the 
Datacard MX6000 and MX2000 card 
issuance systems, designed to grant card 
issuers the flexibility to create unique 
card protection to meet their card pro- 
gram's requirements, is now available 
from Datacard. With high reliability, 
operational flexibility, and ease of use, 
the module is designed to coat the entire 
surface of a card with a clear or holo- 
graphic topcoat that can be embossed and 
applied in combination with other 
Datacard products. 



■ RedSeal Security Risk Manager is now 
available in version 3.0. RedSeal Systems 
calls the software the first automatic 
reporting and auditing tool to assess com- 
pliance of Requirement 1 of PCI DSS 
(Payment Card Industry Data Security 
Standard). Going beyond manual network 
and firewall policy inspection, RedSeal 
SRM 3.0 automatically IDs traffic allowed 
among trusted and untrusted networks 
related to card transactions. 



■ Ringdale announced Sentinel Card- 
Creator, its identification card production 
software. CardCreator is scalable to fit any 
size of organization and may be installed 
on a standalone PC. Included in the 
CardCreator software are design templates 
and custom templates that can be easily 
generated. The software also incorporates 
biometric fingerprint technology, which 
captures the fingerprints of cardholders 
and saves them in the same database 
record. 



■ Sunbelt Software introduced the newest 
version of its CounterSpy Enterprise, 
which offers users protection against 
malware and spyware without bogging 
down the system. CounterSpy Enterprise 
v3.1 employs various techniques for 
examining potentially harmful files and is 
capable of flagging potentially unwanted 
programs. Features include advanced anti- 
rootkit technology, real-time monitoring 
with Active Protection, and configurable 
management dashboards. CounterSpy 
Enterprise is currently available starting at 
$155 for five machines. 



■ Toshiba's Storage Device Division has 
announced an alliance aimed at developing 
a standards-based solution for securely 
encrypting data on mobile computing plat- 
forms, including notebooks. The solution 
integrates Toshiba's HDD encryption tech- 
nology, as well as an enhanced version of 
Wave's Embassy Trusted Drive Manager 
and Remote Administration Server prod- 
ucts, which help manage and administer 
encrypted hard drives. 



Servers 



■ Rave Computer has announced its serv- 
er, the Rave/Sun Ultra 24 Hybrid. The 
Rave/Sun is a redesigned 3U variation of 
the Sun Ultra 24 and retains the functionali- 
ty of its predecessor. The Rave/Sun fea- 
tures a variety of processors (Intel Core 2 
Duo, Intel Core 2 Quad, or Intel Core 2 
Extreme quad-core). It also supports full- 
length/height PCI cards and up to 4TB of 
hot-swappable drives and is environmental- 
ly friendly, ultra-quiet, and easy to clean. 
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■ Sun Microsystems launched two high- 
performance computing Intel Xeon-based 
Sun Fire servers, the Sun Fire X2250 and 
Sun Fire X4250. The servers support one 
or two dual- or quad-core 5200 or 5400 
series Xeon processors and are capable of 
running on Solaris 10, Linux, and Win- 
dows. The Sun Fire X2250 server is a lU 
server ideally suited to demanding MCAE, 
EDA, and energy and financial service 
applications. Features include support for 
low-power Intel Xeon Processor 5400 
series CPUs; fast FSB and CPU speeds; 
and record-breaking integer, floating point, 
and integer throughput scores on SPEC 
CPU2006 benchmark. The Sun Fire X4250 
server is a 2U enterprise-class system that 
supports up to 16 SAS disk drives, 16 
memory slots, and six PCI Express slots. 
The Sun Fire X2250 and X4250 servers 
are currently available starting at $1,495 
and $3,195, respectively. 



Storage 



■ Brocade introduced the Brocade 8Gbps 
SAN (storage area network) Switch for the 
HP BladeSystem c-Class portfolio. The 
next-generation, high-performance data 
center solution increases the network 
bandwidth of the HP BladeSystem c-Class 
technology and increases flexibility while 
helping reduce costs through rack consoli- 
dation, shared power and cooling, less 
cabling, and fewer required SEP (small 
form-factor pluggable) optics modules. 
Providing performance-enhancing features 
in 12 or 24 auto-sensing ports, the new 
switch supports legacy lower-bandwidth 
storage products for investment protec- 
tion. It also offers the option to scale to 
larger fabrics on a "pay-as-you-grow" 
basis, increasing productivity while sub- 
stantially reducing costs. 



■ EasyEncrypt Upgrade Kit, an upgrade 
utility for notebook computers with SATA 
hard drives, is available from CMS 
Products. Easy Encrypt is designed to 




ODUCTS 



enable notebook users to replace non- 
encrypted disk drives with secure ones that 
feature state-of-the-art encryption. The 
upgrade is designed to be quick and easy. 
Data is protected by AES 128-bit encryp- 
tion, and Easy Encrypt also supports BIOS- 
level ATA password protection. All aspects 
of a hard drive, including the operating sys- 
tem, applications, data, and personal set- 
tings, are transferred. 



■ Diskeeper announced Undelete 2009, 
providing real-time data protection and 
instant data recovery. Undelete 2009 per- 
forms immediate restoration of files on 
desktops or servers invisibly in the back- 
ground, using Diskeeper' s proprietary 
InvisiTasking technology. Undelete 2009 
replaces the Recycle Bin with a Recovery 
Bin, which captures all data, even those 
files commonly missed by the Windows 
Recycle Bin, including files that have been 
overwritten or deleted over a network. In 
addition, Undelete' s real-time protection 
surpasses the occasional data protection 
provided by Windows Volume Shadow 
Copies, removing all gaps from the data 
protection strategy to ensure data is never 
lost. Key features include the ability to 
completely erase sensitive files, version 
protection for Microsoft Office files, and a 
desktop client. 



■ A virtualized storage management 
interface is available from iStor. The 



integraSuite/MC Management Center 
offers user control via a Java-based GUI, 
a command line interface, or Microsoft's 
VDS. It pools storage for easy allocation 
of resources, rather than requiring the 
user to manage individual RAIDs and 
LUNs. Volume expansion and RAID type 
migration are just two of the operations 
integraSuite/MC Management Center 
simplifies. 



■ Network Instruments has released the 
GigaStor SAS featuring a 288TB capacity. 
As the largest RNA (retrospective network 
analysis) platform for storage and network 
packers, the GigaStor SAS increases the 
monitoring capabilities of 10 Gigabit net- 
works. Network Instruments also offers a 
line of GigaStor appliances including 4 to 
12TB standalone units and write-to-SAN 
options. 



■ Nexsan announced The Edge, a next- 
generation green NAS (network attached 
storage) solution configured and priced 
specifically for the SME market. The 
Edge is a high-density disk storage solu- 
tion that allows users to tier existing 
Nexsan SAS- and SATA-based storage 
with file services, CIFS (Common 
Internet File System), and NFS (Network 
File System), as well as block service 
iSCSI. The Edge was designed for the 
SME customers that demand green data 
storage solutions that maintain high per- 
formance with proven enterprise-class 
reliability. In addition, the Edge incorpo- 
rates next-generation MAID (Massive 
Array of Idle Disks) 2.0 functionality, 
which enables dramatic energy savings 
without compromising application perfor- 
mance or reliability. 



■ Quantum added a 320GB capacity 
point for its GoVault Data Protection 
solutions, which doubles the previous 
capacity. The GoVault solution is a disk- 
based, all-in-one storage platform that 
includes Quantum's Data Protection 
software application for Windows that 
utilizes a data deduplication technology 
to reduce the number of cartridges 
required for effective backups. With the 
deduplication technology and an expand- 
ed choice of capacity sizes ranging from 
40 to 320GB, the GoVault cartridge deliv- 
ers twice the capacity of previous releas- 
es. And by only storing changes to files, 
the GoVault solution enables backups to 
be completed in minutes with transfer 
speeds up to 34MBps. Its ruggedized, 
sealed hard drive cartridges can be 
removed for offsite data protection, and 
they are designed to withstand up to a 1- 
meter drop on hard surfaces. 



■ Sans Digital has announced its two-bay 
storage enclosure, the TR2UT-B, which 
will complete its TowerRAID series. The 
RAID enclosure will support both USB 2.0 
and eSATA connections, and feature four 
different RAID modes (RAID 0, 1 Span- 
ning, and JBOD). The enclosure maintains 
hard drive ventilation with a dust-free front 
panel, and eliminates excessive cord clutter 
with a cable-less backplane design and by 
connecting up to two hard drives with a 
single cable. 



■ Tabernus has added Secure Erase sup- 
port to its E800 Eight-Bay and E300 
Three-Bay Erasure Tools. Beyond the 
Erasure Tools' existing ability to securely 
wipe EOL data from hard drives. Secure 
Erase taps a firmware function in compati- 
ble SATA and PATA drives for more 
comprehensive data elimination. Users 
will be able to choose Secure Erase or 
existing one-, three-, or seven-pass over- 
write methods. 



Protect Against 
Wireless Threats 

AirDefense Enterprise With Live View Offers Administrators 
A Real-Time View Of Networit Activity 



Live View uses charts and graphs to show networi< activity. 

Security is one of the most important 
issues facing any company. As a wireless 
intrusion prevention system, AirDefense 
Enterprise provides protection against 
wireless threats; monitors for policy 
compliance, performance, and trou- 
bleshooting; and features location track- 
ing. Enterprise combines with wireless 
VPNs, encryption, and authentication 
systems for protection against wireless 
threats and unauthorized devices. 

Live View is the newest addition to 
Enterprise. It provides IT admins a real- 
time view of wireless network activity. 
With immediate access to network 
information, administrators can quickly 



troubleshoot problems. With a con- 
figurable dashboard, device connec- 
tivity mapping, and frame capture/ 
analysis. Live View can help locate 
and solve network issues and then 
verify a problem has been resolved. 

With Live View, technicians can 
view issues remotely and correct 
them, without needing to visit 
remote locations to solve problems. 

AirDefense Enterprise features 
accurate and comprehensive detec- 
tion of threats and attacks against 
network systems. It minimizes legal 
and financial liabilities because it 
complies with regulatory standards. And, 
with the mobile workforce protection 
feature, mobile workers can rest assured 
they are secure when traveling. 

AirDefense Enterprise with Live View 

Starts at $7,995 (Live View is available free to 
existing customers) 



A wireiess IPS that protects against wireless threats 
and monitors for compliance 



(877) 220-8301 
www.airclefense.net 



AirDefense™ 



I 



Se ecting Enc osure 

Power Distribution Units 
has never been.so easv! 

Easy 
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Eaton's newly expanded portfolio of power distribution units, offers 
the broadest range of ePDUs on the marl<et. IVIaking the right decis 
from the start, can mal<e a difference in the dependability and effic 
of your infrastructure. Eaton is helping you make the selection of 
enclosure power distribution units (ePDUs), as easy as 1, 2, 3. 



Ask yourself these three simple questions: 

1 . How muck power do you need? 

2. What functionality do you need? 



Visit the newly launched product configuration wizard at 

. The simple interface allows you to searcl 
over 1,000 products for the perfect solution, as easy as 1,2, 3. 
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Low Profile 19" Server Rack Cabinet 

Choose from a large selection of four different series to 
find a cabinet for your specific application. 

• Available in variety of sizes: From 3U-25U 

• Usable cabinet depth from 22.5"D to 34.5"D 

• Universal rack rails fit all major brand servers 

• use Series shown 

To Learn More, 
Visit: www.iscdfw.com 



Ik 



TB Information Support Concspts.iwc 

Leading Infbniiation Technology Praducts Since 1987 



Information Support Concepts Inc. 

(800) 458-6255 
www.iscdfw.oom 
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m Provides reliable power distri- 
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■ across different power circuits. 
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■ • High Density 
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■ • Multiple Voltage Outputs 








■ • Input Current Monitoring 








■ 'IP Access & Security 








■ • Alerts for Power & 
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■ Environmental Conditions 
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■ Branch Circuit Protection 








■ • Environmental (Temperature 
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■ & Humidity) Monitoring 




" • NEW! Linking for Smart 




CDU (Expansion Modules) 
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(800)835-1515 


Server Technolosv, inc. www.servertech.com 



Physical Infrastructure 



RS232 Port 



Transfer Switch 




4 receptacles 
per side 



RPC18 

8 Receptacle Power Control / Monitoring w/Trans Switch 

• Current, Voltage, Power, and Temp Monitoring 

• Automatic Transfer Switch 

• RS232 or Network Interface 120/208VAC 10, 20, 30A Models 

• Turn On, Off, or Reboot any or All Receptacles 



BayTech 

(800) 523-2702 
www.baytech.net 



Physical Infrastructure 



USB Interface 



$1 



Rugged Plastic Enclosure 



High Accuracy Digital 
Temperature Sensor 




29.99 

Free 
Shipping 



TEIVIPERATURE@LERT 

' Notifies You Via Email Of Changes In Room Temperature 

' Runs On All Windows Platforms 

' Logs To TXT, Temperature Graph, Event Log, and XML 

' Runs As A Windows Service 

' SNMP Support 

' Free Shipping 



TEMPERATURE@LERr 

USB TEMPERATURE MONITOR WITH EMAIL ALERTS 

Temperature@lert 

(866) 524-3540 
www.temperatureaiert.com 



Physical Infrastructure 




1U 20.1" Rackmount LCD Monitor Drawer 

' Separate Single rail design. Easy to install by one person. 

' LCD Auto Shut off when it is in Closed Position 

' LCD Panel protected by tempered glass 

' Modular design scalable to 8/16 Combo KVM or 

8/16/32 CATS KVM 
' IP KVM and 2 Consoles via CATS Extenders options 



l-TECH 
COMPANY! 



l-Tech Company 

(888) 483-2418 
www.i-techcompany.com 



Physical Infrastructure 



Switched CDU CW-24V2 




Server Technolosy, Inc. 



Power cycle individual or 
groups of outlets to remotely 
reboot network devices. 

• 208V to 240V Single or 3- 
Phase power at 20 or 30A 

• Access and Security: Web 
interface, SSL, SSH, Telnet, 
SNMP, LDAP, TACACS-h, 
and RS-232 access 

• Environmental Monitoring 

• Fuse Retractor 

• High-Density 24 lEC C1 3 



Server Technology Inc. 

(800) 835-1515 
www.servertech.com 
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CS-3AVY Sentry Smart CDU 

Provides reliable 3-Phase 
power distribution. Multiple out- 
let types distribute multiple volt- 
ages via 3-Phase 208V Wye 
power in-feed. 

• High Density 

• Multiple Voltage Outputs 

• Input Current Monitor 

• IP Access & Security 

• SNMP Traps 

• Environmental (Temperature 
& Humidity) Monitoring 

• Branch Circuit Protection 

• NEW! Linking for Smart 
CDU (Expansion Modules) 




Server Technology, Inc. 



Server Technology Inc. 

(800) 835-1515 
www.servertech.com 
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RS232 Access 
8 Rebootabie Receptacies 

RPC14 

8 Receptacle Power Control and Monitoring 

Current, Voltage, Power, and Temp Monitoring 
LCD Screen displays power monitoring information 
RS232 interface, 120/208VAC 10,20,30A Models 
Turn On, Off, or Reboot any or All Receptacles 



BayTech 

(800) 523-2702 
www.baytech.net 
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24 Receptacles 



LCD Display 
RS232 Access 

RPC 22 

24 Receptacle Remote Power Monitoring & Distribution 

Current, Voltage, Power, and Temp Monitoring 
LCD Screen Display 

RS232 Interface 120/208VAC 10,20,30A Models 
Power Distribution and Monitoring In One Unit 



BayTech 

(800) 523-2702 
www.baytech.net 
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Dualcom™ Plus 

Cyber Breaker® the Virtual Circuit Breaker™ 

Monitor and manage current consumption at EACH outlet 

TCP/IP or RS-232 

SNMP management 

Login/password security 

Intuitive user interface 



CYBER@)SWITCHING 



® 



Cyber Switching Inc. 

(888)311-6277 
www.cyberswitching.com 



Physical Infrastructure 



KVIVI Switcli 




• Modular KVM Switch 

• 1U DualRail sliding Drawer 

• Plug & Play CATS/ IP KVM 
Modules 

• OEM Design 

• Cost- Effective Solution 



Design & Manufacturing Partner 

(714) 444-2390 
www.broadrack.com 



Physical Infrastructure 




Sentry 30-A Fail-Safe Transfer Switch 

Provides fail-safe redundant power to single-power corded 
equipment 

Fast Transfer Rate — Power interruption will not affect equip- 
ment uptime or performance 

Patented arc-suppression and power in-feed sharing tech- 
nology extend product life and performance 
High Density— 100 to 240V and 16/32A 



9) 

Server Teehnolosy, inc. 



Server Technology Inc. 

(800) 835-1515 
www.servertech.com 
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Physical Infrastructure 



Classic Series - Portable Air Conditioning 

Ideal For: 

• Server Rooms 

• Electronic Equipment 

• Primary, Supplemental, or 
Emergency Cooling 



oo 




Featuring: 

• Rentals and Sales 

• Installs in IVIinutes 

• Locations Nationwide 

MOVINCOOL. 

PREFERREr) DISTRIBUTOR 
wiMncod, spolCKIaiifl oltesProaie 



THE PORTABLE COOLING Si HEATING SPECIALISTS 

Atlas Sales & Rentals Inc. 

(800) 972-6600 
www.atlassales.com 



Storage 



IVIobileNASIVIN4L+/IVIN4L+B 

4 Bay Linux NAS + iSCSI Storage Tower 

' 4-bay NAS utilizing Intel Pentium IVI CPU and 512 II DDR 

memory for ultimate performance. 
' Unified storage: simultaneously supports iSCSI IP SAN and 

NAS. 

' Snapshot, folder replication and expansion storage via 
ISCSI. 

' Supports RAID 0, 1 , 1 +0, 5 and 6. 
' One eSATA, two USB 2.0 & one Firewire 400 external hard 
drive expansion ports. 



ANS 

IEITAC 



Sans Digital 

(800) 980-1988 
www.sansdigital.com 



Storage 
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HP StorageWorks 6000 Series 

Virtual Tape Libraries 

Models: VLS6510, VLS6518, VLS6840, VLS6870 

Up to 70TB of HD Storage and 600IVIB/sec Transfer Speeds 

Use Your Existing Backup Software 

HP Warranty 

Fantastic Low Pricing On These New Units 
To Learn More, Visit: www.magnext.com 



MAGNOrr 



DATA BACKUP SOLUTIONS 



Magnext Ltd. 

(888) NOW-TAPE (669-8273) 
(614) 433-0011 



Networking & VPN i 



SLinMIn 




$1 ,875 

for 
250 
systems 



LinMin Bare Metal Provisioning 

Remote, unattended native installation of Windows and 

Linux (Red Hat, Novell, Ubuntu, CentOS, Fedora) 

For servers, blades, appliances, PCs, and virtual machines 

API for easy integration with other IT applications 

Disk imaging (capture, restore, clone) 

Ideal for data centers. Web/server hosting, cloud 

computing 



ElLinMin 



LinMin 

(650) 520-9549 
www.LinMin.com 




Attention Manufacturers: 

Advertise Your Products 
In Processor's Showcase 
Product Directory! 



Proven publication in 
business since 1979 
Color picture 
Detailed, editorial-style 
product description 
Internet exposure via our 
Web site; Processor.com 
Only $176 an issue 




Call Us Today At 
(800) 247-4880 



Category 



Your Picture Here 



Your Heading Here 

Text promoting your company, product, or service here. 
Text promoting your company, product, or service here. Text 
promoting your company, product, or service here. Text pro- 
moting your company, product, or service here. Text promot- 
ing your company, product, or service here. Text promoting 
your company, product, or service here. Text promoting your 
company, product, or sen/ice here. 



Your Logo 



Company Name 

(000) 000-0000 
www.CompanyWebSite.com 



Build Your Brand Awareness! 



PRncf ssnn SBBWCASE 




. color picture . Detailed product description 

• Web exposure * »'"V$176a!';«"«. 

112-issue minimum) 

• Proven publication 

Your Internet exposure 
is at no added cost! 

TO place your color photograph in the next issue of Processor. 

mail this completed form and your photo 

(35mni p* 3 « 5 inctes, % x 514 inttes, ot 4 x 6 «te in «) 
to; Processor, P.O. Box 85510, 
Lincoln, NE 68501 

Call Today: (800) 247-4880 



SEE US ON THE INTERNET AT: Processorjiom 





□ Check □ Money order 



□ Visa 

CreditCardl 
Signature 



□ Discover 



□ Mastercard 

□ American Express 
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80 PLUS ENERGY STAR ROHS 
4.0 READY 



ESATX12V(v.2.2)8cm Fan Series 

Seasonic ES series comes with 300, 350, 400, and 500 Watts, featuring Active 
PFC, Smart and Silent Fan Control, 80% + efficiency and so much more. All of 
these contribute Seasonic ES PSUs to received certification of 80 PLUS* and 
Energy Star 4.0 ready. In addition, all of Seasonic PSU has met the RoHS re- 
quirement. To believe in energetic thinking, think Seasonic. To find out 
more,visit http://www.seasonicusa.com. 




350W 
n Factor Series 



USA Office 

TEL: +1 626-969-9966 
FAX: +1 626-969-9986 
EMAIL: usa@seasonic.com 



MALABS 

TEL: +1 626-820-8988 
FAX: +1 626-820-8188 



AS I 

TEL: +1 510-226-8000 
FAX: +1 510-226-8858 



Supercom 

TEL: +1 800-949-4567 
FAX: +1 604-276-0807 




EMAIL: sales.la@malabs.com EMAIL: web_fr_sales@asipartner.com EMAIL: sales@supercom.ca 



GREEN INNOVATION POWERS YOUR LIFE 

SINCE 1975 
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Monitor Infrastructure 
Intelligence 

Get The Most Out Of Your Applications 
Witli Integrien Health Check 



I 



.A 



Integrlen's Health Check service provides a summary of 
transactions, trading, and tier cross-section performance 

To EFFECTIVELY MONITOR the progress of 
applications and services, enterprises must 
determine where internal issues originate. 
Integrien offers a new systems manage- 
ment service for this purpose: Integrien 
Health Check. 

Health Check uses the data center oper- 
ations solution Integrien Alive to access 
historical data and analyze business per- 
formance. Companies are first required to 
provide 60 to 90 days of past infrastruc- 
ture data. As Health Check deciphers the 
causes of brownouts and outages, it cap- 
tures models of problematic behavior so 
companies can identify recurring bad pat- 
terns. Through Health Check's insight 



into the "heartbeat" of a specific 
application, users can observe 
how applications are performing 
based on static threshold results. 

To understand the association 
between business performance, 
user experience, and IT commu- 
nications. Health Check em- 
ploys an advanced correlation 
method to develop a PMDB 
(Performance Management 
Database). A PMDB analysis 
includes the following reports: 
application behavioral analysis 
report, "top influencers" report, 
and a root cause forensics report. This 
database can supply crucial information 
regarding the interrelation of infrastructure 
components, enterprise operations, and 



user practices. 

Integrien Health Check 

Application service that pinpoints IT performance 
problems 

$35,000 

(949) 788-0555 

www.integrien.com 
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Time to Move Up Your Plan B? 



We're Here to Help! 

We can help you accomplish your network plans 
a\ a fraction of the cost you originally budgeted. 

Horizon Datacom does three simple things; We buy, refurbish, and sell network hardware. 
We can buy your excess gear - put cosh right into your budget. And we con provide you 
with top quality routers, switches, wireless and VoIP gear at incredibly low prices - and the 

expertise to make it all work. With over 1 3 years of experience, we're one of the most 
trusted names in refurbished network hardware. When you need to support your network 
AND slash your budgets, we'll be there to help you get the job done right. Just give us a 
call and we'll show you how dropping back to Plan B can still mean Grade A results. 



CONTACT US 



Toll Free: 800.227.2362 
Phone: 614.847.0400 

Sales: Scott Story 

sstory@horizondatacom.conn 

Purchasing: 

buy_itw@horizondatacom.corn 



WE CARRY 



A Full Line of Networking & VoIP Gear: 

Cisco Extreme Foundry 
H.P. ProCurve Enterasys 
Avaya Polycom Juniper 



INTEGRIEN^ 

POWERING Predictive IT 



www.horizondatacom.com 
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Breaking In New IT Staff 



Get Started Right Away 

When Integrating Tech Employees 



by Carmi Levy 

If first impressions are everything on 
a first date, they matter even more for IT 
managers bringing new employees on- 
board. You can't simply expect new IT 
hires to show up on their first day and 
know what to do. A well-defined process 
for integrating them is crucial for their 
long-term career success. 

Unfortunately, many IT departments 
lack standards for bringing new staff in. IT 
leaders may assume that recruitment and 



When Onboarding 
Goes Bad 



The telltale signs of ineffective new employee 
integration are easy to identify. They include 
the following: 

• The employee becomes very quiet and 
starts alienating himself from others. 

• Cell phone use goes up as breaks become 
more frequent. 

• Absenteeism and late arrivals or early 
departures increase. 

• Productivity flattens or declines. 

Left unchecked, this can lead to larger-scale 
organizational impacts such as increased 
turnover, delayed project delivery, and com- 
promised budgets. 



hiring is strictly a human resources respon- 
sibility. They also assume it's business as 
usual for both IT and HR once the job 
offer is accepted. So new employees often 
show up on day one and are forced to fend 
for themselves. 

Aside from ensuring telephones, com- 
puters, and system accesses are in place 
before the new hire's first day, IT man- 
agers must make sure rookies have access 
to the right people and resources. "If new 
employees can't get access to the tools 
they need to do their job within a reason- 
able amount of time, there can often be 
flow-on effects elsewhere in the organiza- 
tion," says Warren Shiau, lead analyst of 
IT research for The Strategic Counsel 
(www.thestrategiccounsel.com). 

What It Costs The Organization 

Ineffective personnel management pro- 
cesses often take root right from the start, 
so improvements here can lay the ground- 
work for better downstream practices, as 
well. "If newly hired employees don't see 
a smooth process for integrating into 
their new role, that tends to negatively 
affect them right off the bat," says Shiau. 
"They're not doing what they were hired to 
be doing, and it only gets worse from there 
if it isn't addressed." 

Ineffective onboarding, or integrating 
new employees into your organization, 
impacts the organization in a number of 
ways. Poorly oriented or trained employ- 
ees take longer to hit their stride. They 



consume more resources from elsewhere 
in IT and the company at large and are 
less productive. Because it takes them 
longer to begin pulling their weight, this 
drags both the bottom line as well as their 
colleagues. 



f 

Onboarding processes are more likely to be 
adopted across the IT organization if they are 
clear and straightforward. Claire Colley, presi- 
dent and CEO of AReS Staffing (www. ares 
staffing.com), advises IT leaders to consider 
the following best practices for bringing new 
hires into the organization: 

• Have the workstation ready. Employees 
need a proper place to work as soon as they 
arrive on the first day. Beyond ensuring the 
physical office is properly set up, also ensure 
system and phone accesses are in place. "It 
may seem like a simple thing," says Colley, 
"but employees want and need to feel com- 
fortable from the moment they arrive." 

• Assign a mentor. Don't let new hires 
navigate their probationary periods alone. 
IVIentors provide important and accessible 
guidance throughout the integration period. 

• Schedule an orientation. Explain organiza- 
tional and departmental policies and proce- 
dures, conduct an office tour, and introduce 
the new hire to colleagues, as well as the 
senior management team. 



Employee satisfaction is impacted, which 
can drive turnover, as well. Negative and 
unchecked first impressions make it easier 
for new hires to quit before they feel 
they've laid down roots. 

Go to Page 24 



• Review security. Don't just hand the new 
employee a security pass. Review proce- 
dures and expectations, walk through specific 
scenarios, and answer any questions about 
system and physical site security. 

• Document the plan. The employee's imme- 
diate manager should draw up a detailed 
schedule for at least the first week or two. 
Toward the end of this period, focus on tran- 
sitioning to ongoing workflow. 

• Communicate. Because most problems 
manifest themselves within the first month, 
ongoing two-way communication can help 
managers identify and address issues before 
they spin out of control. Informal one-on-one 
sessions raise employee confidence levels 
and keep managers more involved. "Com- 
munication really is paramount — and often 
ignored," says Colley. "Nine times out of 10, 
small problems can be nipped in the bud 
before they escalate so much that the em- 
ployee decides to leave." 



The Best "Best Practices" 
Are The Simplest Ones 
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Multiplatform Migration 



Ease Migration Pains With PlateSpin's 
PowerConvert Version 7.0 



Efficiency is key in any data center, but it 
can be difficult to achieve when you need to 
move and rebalance workloads among dif- 
ferent types of environments and platforms, 
a need PlateSpin addresses with PowerCon- 
vert Version 7.0. 

PowerConvert Version 7.0 is designed to 
operate in a heterogeneous environment to 
simplify the management of server work- 
loads. Version 7.0 increases support for Red 




Hat Enterprise Lin- 
ux, 64-bit Windows 
Server, and Citrix 
XenServer environ- 
ments, as well as 
image-based disaster recovery capabilities 
and improvements to migration speed for 
large-scale deployments. 

Support for Linux migrations includes 
P2P (physical-to-physical) and V2P (virtu- 




Thanks to DMD, we 
don't have to sit on 
our old computer 
equipment anymore. 



When it comes to IT equipment 
liquidation or disposal, we are 
serious. Let us worry about data 
security and destruction, EPA 
regulations, transportation, down 
time and insurance. Don't tie up 
your resources or take chances with 
your data or environmental issues. 

Call DMD today! 
(877) 777-0651 



We Purchase: 

Computers/Laptops 
Networking Equipment 
Power/Environmental 
Telecom/Network 
Complete Data Centers 
Printers 



We Offer: 

Asset Tracking/Reporting 

Deinstallation/PackingATransport 

DOD Level Data/Mechanical Destruction 

EPA Recycling/Reuse 

Ongoing Support Plans 

Technology Refresti/lnstall Programs 



Find out why some of the top U.S. companies and Government 
Agencies call DMD Systems Recovery. 



NAID 



0% DIVID SYSTEMS RECOVERY, INC. ^ 

m ^ A Slightly Different CompanyT^ T^'R'R 

^^40 Toll Free: (877) 777-0651 Ptione: (602) 307-0180 Fax: (602) 307-0181 

' Internet: www.dnndsystems.com 1, 
Providing QUALITY GOODS and SERVICES for Industry. 



Member of AFCOM, Better Business Bureau, Chamber of Commerce. HP Authorized. Member of NAID (National Association for Information Destruotio 



al-to-physical) capabilities. P2V (physical- Also new is improved transfer speed for 

to-virtual) is supported for 64-bit Windows workload migrations partially courtesy of 

environments, and Citrix support includes Server Sync, which offers testing capabili- 

X2P (anywhere-to- virtual) and V2I ties that can be done over a variety of net- 

(virtual-to-image). PowerCon- work types to reduce downtime and maxi- 

vert's incremental imaging enables mize migration integrity, 
users to import and export images 

from a repository of server work- PlateSpin PowerConvert Version 7.0 

loads, improving backup and dis- pgr-use license (one-time license): $175 

aster recovery and reducing costs. Per-workload license (perpetual use): $425 

With a drag-and-drop interface, 

1^ users can remotely decouple work- support for migrations across a variety of 

, . J, . . different environments and platforms 

loads from a server and stream ^ 

them to another host, physical or virtual. In (877) 528 3774 

essence, PowerConvert is designed to , , 

, , ^ . ^ . • , , www.platespm.com 

enable users to maintain service-level 

requirements by optimizing and relocating I^Vi 

workloads quickly. ^^^^ 



GPS 




GLOBAL 
PRINTER 
SERVICES 

INCORPORATE^ 




HP U 4250N 
$595 




HP U 5035XS 
$2395 




HP LJ 4300 
$395 



The ~ Over 1 50 different HP LaserJet printer models In stock! 

Resellers Buy your HP laser printers from the industry leader When you purchase 

Resource a printer from GPS you are buying the best refurbished printers available. 

All printers include parts vtfe Offer a One year wan-anty on printers and free technical support for 

^on'ira^sm^i sampir'^ Hic life of the printer We can provide you with a specific model you are 

of what we have in looking for or one Of our experienced staff can help you select the printer 
pltee^and availfbiii^'^ ™'" ""^^ "ceds. Your Satisfaction is our number one \ 

for other models, priority, SO If you are not completely satisfied with your purchase you can 

accessories and parts. ^^^^ 3 fy,, 

Resellers Welcome. \ 
#1 Source for Printers 8oo-588-3554»608-268-43oo 

OWUI V^C; |-|lllLCriO vvww.globalprinter.com. Free Tech support 



Page 24 



Energy 

Efficiency 

Rebates 



Money & Power Savings 
For The Data Center 

by Sandra Kay Miller 

Data centers are experiencing many 
issues around managing their energy con- 
sumption. Increased computing capability 
has led to a bigger demand for power and 
cooling. But with a steep rise in energy 
costs, coupled with the push to get "green- 
er," data centers are making significant 
investments in energy-efficient technolo- 
gies. At the same time, power companies 
are offering incentives and rebates for orga- 
nizations to upgrade to power-saving 
equipment. 

"It's a win-win for both the customer and 
the utility company," says Rob Bednar, 
spokesperson for Emerson Network Power 
(www.emerson.com). 

Incentives For Rebates 

While energy customers reap the finan- 
cial benefits from rebates and using less 
power, utilities are able to also save money 
by not having to purchase expensive power 
from other utilities when they don't have 
the generating capacity to meet their cus- 
tomers' needs on peak demand days. 



Mark Bramfitt, market supervisor for 
the PG&E's (Pacific Gas & Electric Com- 
pany's) high-tech, biotech, and healthcare 
industries, agrees. "I know it's counterintu- 
itive to people who see us trying to sell less 
of our product," he says. "The easiest way 
to explain it is if I can buy a kilowatt-hour 
of energy efficiency (in other words, help a 
customer use one kilowatt-hour less than 
they otherwise would), that's cheaper than 
going out in the generation market to buy a 
kilowatt-hour." 

Bramfitt points to another reason for data 
centers and utilities to work together in 
order to reduce overall energy consump- 
tion: rolling blackouts. "We don't want to 
get in to that situation again, and to avoid 
that, we must deliver energy efficiency ser- 
vices at levels we've never had to do 
before," he notes. 

Over the last year, Bednar has witnessed 
many more utility companies establishing 
rebates specific to the data center in addition 
to their existing consumer and business 
incentive programs. This is a trend he 
expects will continue as energy savings in 
the data center becomes more prevalent with 
the growing awareness in regards to power 
and cooling costs within organizations. 

Bramfitt believes that PG&E has been 
very successful in helping companies 



Processor.com 

manage their data center's air-conditioning 
systems but sees the gap in the equipment 
in the racks. To move ahead, the utility has 
entered into a partnership with leading 
equipment manufacturers. 

"Typically, the people responsible for 
installing and maintaining IT equipment in 
the data center weren't the same as the 
people who paid the utility bills, so there 
wasn't an incentive to maximize energy 
efficiency in any of the decisions," says 
Bednar. "We've seen a trend over the last 
two years where those two groups are 
working together or are under the same 
budget, and that's one of [the] things that 
is helping to raise the awareness and 
increase the overall usage of energy-effi- 
cient equipment." 
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How Much? 

The primary form of incentive for ener- 
gy-efficiency upgrades can be a direct pay- 
ment from a utility, equipment supplier, or 
state agency. Additionally, many states, as 
well as the federal government, offer tax 
deductions or credits for attaining defined 
levels of efficiency or for supporting spe- 
cific energy-saving technologies. 

Rebate levels vary widely within the 
United States, but the ACEEE (American 
Council for an Energy Efficient Economy) 
estimates that rebates usually cover from 
15 to 35% of the installed cost of an energy 
option, with a renewable energy, such as 
solar, reaching as much as 50%. 

Although every utility is a little different, 
by and large, the programs are pretty stan- 
dard. For example, Austin Energy (www 
.austinenergy.com) has a Power Saver 
Program specific to data centers that are 
planned or are being built within its service 
area. All sizes of data center infrastructure 
are eligible, from large-scale enterprises 
down to server closets. The program also 
covers retrofits and remodels. Companies 
can obtain rebates up to $200,000 with 
the purchase and installation of UPSes, 



Available Efficiency Incentives & Rebates 



1 Program/URL 


Incentive Type 


Eligible Technologies 


Maximum Incentive 


Energy-Efficient 
Commercial Buildings 

www.efficientbuildings.org 


Corporate Tax 
Deduction 


Equipment Insulation, water heaters, lighting, 
lighting controls/sensors, chillers, furnaces, 
boilers, heat pumps, air conditioners, CHP/ 
Cogeneratlon, caulking/weather-stripping, 
ducfair sealing, building insulation, windows, 
doors, siding, roofs 


30 cents to $1 .80 per square foot, 
depending on technology and 
amount of energy reduction 


New York State Energy Research & 
Development Authority 

www.nyserda.org 


Industry Recruitment 
and Support 


Computer servers and systems 


Varies by project and category; 
Advanced Concepts Data Center 
Project: $500,000 maximum, pre- 
ferred cost share of 50% 


Oncor Data Center Energy 
Management Program (Texas) 

www.oncor.com 


Utility Rebate 


Lighting, virtualization, high-efficiency UPS 
and HVAC system upgrades 


Demand reductions: $150 per 
kilowatt; energy usage: $0.0175 
per kilowatt hour 


Puget Sound Energy — Commercial 
HVAC Equipment Energy Efficiency 
Rebate Program (Washington) 

www.pse.com 


Utility Rebate 


Boilers, programmable thermostats, motors, 
motor-ASDs/VSDs, HVAC 


Varies based on HVAC equip- 
ment, from $50 to $800 


Southern California Edison 

www.sce.com 


Utility Rebate 


Lighting, HVAC, controls and processes 


5 to 14 cents per kilowatt hour; 
maximum incentive is $2.4 million 
annually, per customer site 



Energy Rebate Tips 



start working early with the utility. 

Stay current with your power and cooling 
vendors' latest energy-efficient products. 

Perform a cost-benefit analysis to verify 
that the rebate combined with the long- 
term savings is worth the investment. 



chillers/cooling towers, MAID storage sys- 
tems, virtualized servers, and thermal ener- 
gy storage systems. 

"The typical equipment that we have 
seen our customers get rebates for is our 
precision cooling equipment, which can 
save as much as 30% energy over tradition- 
al cooling methods," says Bednar. Emerson 
has been working to enhance the energy 
efficiency of its products with technologies 
such as VFD (variable frequency drives) on 
the fan motors. VFD-equipped products 
better match the cooling fan capacity with 
the IT equipment and can ramp up or down 
the fans based on cooling needs. Addi- 
tionally, Emerson has developed variable- 
capacity compressors that operate similarly. 
"We're seeing a lot of rebates for these 
types of products that help prevent over- 
cooling," Bednar notes. 

Finding Savings 

While the West Coast, especially Cali- 
fornia, has been progressive in terms of 
offering energy-efficiency rebates, Bednar 
is seeing the trend expanding. "We've 
been working with utility companies quite 
a while, but over the last year we've been 
seeing momentum pick up across the 
country." 

For organizations planning or building 
new data centers, as well as those involved 
in significant remodels to increase energy 
efficiency, it could very well pay to contact 
your power supplier to inquire about rebate 
programs. "Cun^ently, many utility compa- 
nies are establishing teams to help their 
customers. They may be able to offer help 
such as design and engineering resources, 
as well as practical advice on evaluating 
energy needs," Bednar notes. 

Another excellent information resource 
for state, local, utility, and selected federal 
incentives that promote renewable energy 
and energy efficiency is the Database of 
State Incentives for Renewables & Effi- 
ciency (www.dsireusa.org). Composed of a 
database updated weekly, it lists available 
programs, technologies, and links for addi- 
tional information, and it is an ongoing pro- 
ject of the Interstate Renewable Energy 
Council, which the U.S. Department of 
Energy funds and the North Carolina Solar 
Center manages. 

However, the ACEEE does warn that 
power company- and government-funded 
rebates are not guaranteed. Often, they 
rely on the accessibility of funding and 
may also be handed out on a competitive 
ranking system. Due to the volatility of the 
energy market, the ACEEE suggests 
applying for rebates in the planning stages 
of construction or upgrades but not includ- 
ing potential rebates in the installation 
budget. 



Breaking In New IT Staff 



Continued from Page 23 
Improper orientation of new employees 
can impact operations within IT, as well as 
those in other areas of the company. 
"You've hired someone to do a certain job, 
but as long as they're not able to fulfill the 
scope of that role, you're getting no return 
on your investment," says Shiau. "The 
longer it takes for an employee to get up to 
speed, the greater the direct and indirect 
cost to the company." 



Inefficient onboarding maturity often 
mirrors inadequate offboarding, as well, 
says Shiau. Lack of processes for terminat- 
ing system access when employees exit the 
organization can open up significant securi- 
ty vulnerabilities. 

Define Your Process 

To ensure a consistent experience for all 
new hires, consider implementing the fol- 
lowing best practices in your own shop: 



Focus on roles. Document the predeter- 
mined processes and rights that apply to 
each role within the IT organization. This 
accelerates setup procedures when placing 
access requests for new employees. 

Look at software. Although onboarding 
is more of a process challenge than a tech- 
nological one, some organizations may 
benefit by tracking activities with dedicated 
software packages. 

Adjust your timing. Get the wheels in 
motion well before the employee actually 
shows up. If it takes three weeks to execute 
all system access requests for new employ- 



ees, ensure requests are submitted at least 
that long before the employee's first day. 

Shiau says although it may be tempting to 
throw technology at the problem, this may 
be short-sighted. "Efficient onboarding isn't 
really about technology as much as it is 
about the underlying processes and your 
organization's ability to understand and 
know what's going on within those process- 
es," he says. "You've got to know where 
the roadblocks are. Then, once you've got 
the process mapped out, you can decide if 
and where you're going to apply technology 
to improve that process or workflow." 
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Keep Your Cool 



I SIX QUICK TIPS I 



Tips For Finding & Fixing 
Data Center Hot Spots 

by Robyn Weisman 

During summer, data centers can be 
the hottest places around. And even 
though you might keep your server room 
at arctic temperatures, you still run the 
risk of overheating pieces of your equip- 
ment. Data center hot spots can result 
from a misplaced server blowing hot in a 
corner, and even worse, you might not 
discover the problem until it has baked 
one of your storage drives. 

A proactive strategy is best for handling 
this issue, and fortunately, there are several 
easy fixes to improve your setup. 

Make Sure Your Basic Setup Works 

Lennart Stahl, senior product manager at 
Liebert Precision Cooling (a division of 
Emerson Network Power; www. liebert 
.com), says that first off, you should make 
sure the basics of your setup work. You 
should be using a hot-aisle/cold-aisle align- 
ment in your data center, and your CRAC 
(computer room air conditioner) units 
should be located at the end of hot aisles to 
lessen air travel and keep hot air from 
being pulled down into the cold aisles as it 
returns to the air conditioner. 

In addition, make sure that air flow 
obstructions, such as cables under the 
raised floor or in the air ducts, are removed 
or at least kept to a minimum. "These basic 
steps will help you avoid hot spots before 
they happen," Stahl says. 

Plug Holes 

Thomas Zimmerman, vice president of 
network infrastructure at data center solu- 
tions provider Cavern Technologies (www 



BONUS TIPS 



■ See if your cooling tower 
can use evaporative cool- 
ing. Dean Nelson, director of 
global lab and data center 
design services at Sun Mi- 
crosystems (www.sun.com), 
points out that low-humidity 
locales such as Nevada, parts 
of Texas, Arizona, and Cali- 
fornia often have 90+ degree 
days with minimal humidity. 
Data centers situated in these 



.caverntechnologies.com), says to plug 
your spaces with blanking panels or 
foam rubber. "When you have spaces 
between your servers in a rack, cold 
air can flow around the top or side of the 
server without actually passing through the 
server, decreasing your efficiency," 
Zimmerman says. "If blanks are not avail- 
able, use foam rubber to plug empty spaces 
between servers and on the sides of the 
rack. This process will force the cold air 
though the server more efficiently and help 
save on cooling costs." 

In addition, make sure you plug holes in 
your raised floor and put vented tiles in the 
right places, says Dean Nelson, director of 
global lab and data center design services at 
Sun Microsystems (www.sun.com). "Leaks 
in your cold air plenum decrease the effi- 
ciency of your cooling system," he says. 

Use Portable Cooling To Control Hot Spots 

Joe Armshaw, area manager at Atlas 
Sales & Rentals (510/713-3313; www.atlas 
sales.com), recommends using portable 
cooling equipment as a less expensive 
alternative to upgrading your entire cooling 
system, particularly if you find you only 
have one or two hot spots to remove. With 
dedicated cooling directed at these individ- 
ual spots, you will decrease the load on 
your entire system. 

"Most data centers have sufficient cool- 
ing throughout the floor area with the 
exception of certain racks that produce 
more heat," says Armshaw. "Because this 
heat is different than the rest of the data 
center load, the use of portable cooling will 
keep this area from affecting the efficiency 
of the data center system." 



places can take advantage 
of evaporative cooling as an 
energy-efficient means to min- 
imize hot spots. 

■ Optimize what exists. 

John Bennett, worldwide 
director of data center trans- 
formation solutions for HP 
(www.hp.com), says that one 
of the cheapest and most 
effective ways to prevent 



wasted electricity is to ensure 
that the warm air coming out 
of one device isn't directed to 
the air input of another. This 
not only prevents the heat 
from one device from causing 
another to overheat but better 
balances cooling (with lower 
costs) and reduces technology 
risks, as well. 



Strategically Cut Down Hot Spots 

Most solutions for finding and fixing hot 
spots are technical in nature; however, tak- 
ing a strategic approach has the potential to 
eliminate entire swathes of hot spots in the 
data center, says Jered Floyd, CTO at enter- 
prise archiving solutions provider Permabit 
(www.permabit.com). 

For example, primary storage farms 
typically run hot because they are de- 
signed to have data at the ready. But too 
often, data is kept on primary storage long 
after it could be moved off the primary 
tier, taking up space and requiring more 
energy. "In order to remedy the data cen- 



ter hot areas caused by suboptimal storage 
of fixed content, data center managers 
should identify unchanged data on prima- 
ry storage and move it to a more energy-, 
space-, and cost-efficient tier of storage," 
Floyd says. 

Floyd suggests you identify data that has 
not been accessed in 90 days or more and 
move it to a deduplicated disk-based 
archive. Power-efficient archives should 
include features such as advanced power 
management and spin-down disks. "You'll 
be storing significantly less data, using 
cost-effective storage [that is] less than $5 
per gigabyte, and consuming much less 
energy," Floyd says, til 



Best Tip: 

Conduct A CFD Assessment Of Your Data Center 



Lennart Stahl, senior product 
manager at Liebert Precision 
Cooling (a division of Emer- 
son Network Power; www 
.liebert.com), says the first 
thing you should do is con- 
duct a CFD (computational 
fluid dynamics) assessment 
of your data center. "A CFD 
assessment shows exactly 
how airflow is occurring in the 
data center and how changes 
in the space — new equipment 
or alignment, for example — 
affect that airflow," he says. 

According to Stahl, a CFD 
model checks the heat output 
of each of your servers and 
all additional equipment in 
your data center, along with 
all the cooling from the preci- 
sion cooling systems. This 



information builds an image 
that tracks airflow and tem- 
peratures and identifies areas 
where heat is an issue or 
where excessive cooling is 
creating inefficiencies. "This 
kind of detailed understanding 
allows data center managers 
to make informed decisions 
on everything from rack align- 
ment to server use and addi- 
tions to power and cooling 
infrastructure," Stahl says. 

For his part, Thomas Zimmer- 
man, vice president of net- 
work infrastructure at data 
center solutions provider 
Cavern Technologies (www 
.caverntechnologies.com), 
recommends getting your 
hands on a thermal imager to 
help you conduct your CFD. 

Most Counterintuitive Tip: 



He likens the image it pro- 
vides to a real-time weather 
map. "If there's a giant red 
ball by a sen/er, for example, 
you can do stuff to fix it and 
then see if in fact you have 
fixed it," he says. 

Zimmerman says that thermal 
imagers cost at least $10,000 
but that many resellers will 
often take a before and after 
image for you. "Tell them 
you're thinking of upgrading 
your cooling and [ask if they 
can] do an assessment," he 
suggests. As an alternative, 
you can also rent thermal 
imagers from about $200 per 
day, depending on the report- 
ing and other sen/ices that 
come with the rental. 



Turn Up The Thermostat 



Dean Nelson, director of glob- 
al lab and data center design 
services at Sun Microsystems 
(www.sun.com), says that 
studies indicate increasing 
your set point temperature by 
just one degree Fahrenheit 
can save 4 to 5% of room 
energy. Raising set point 
from 68 F to 72 F could save 
15 to 20% of the cooling ener- 
gy while still keeping air inlet 
temperatures well within com- 
puter manufacturer specifica- 



tions. In fact, ASHRAE (Amer- 
ican Society of Heating, Re- 
frigerating, and Air-Condition- 
ing Engineers; www.ashrae 
.org) recommends modern 
data center set points be set 
as high as 78 degrees Fah- 
renheit, a huge savings when 
compared to 68 to 72 F. 

John Bennett, worldwide di- 
rector of data center transfor- 
mation solutions for HP (www 
.hp.com), explains that mod- 



ern technology enables serv- 
er/storage systems to run at 
much warmer temperatures. 
Most customers keep the 
data center much too cold 
and spend more energy than 
needed for cooling. Work with 
your vendor's support staff to 
determine just how warm you 
can run things and use best 
practices such as hot and 
cold aisles to minimize power 
and cooling costs. 
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WHAT'S Happening 



How Good Is Your 

Sourcefire Improves How SMEs 
Minimize Network Threats & Attacks 



by Julie Sartain 

How WOULD YOU RATE your current secu- 
rity solution? Is your IPS (intrusion protec- 
tion system) technology frequently criti- 
cized for the number of alerts it produces? 
Are you constantly battling to keep the IPS 
tuned? What' s the answer? 

Sourcefire (www.sourcefire.com), found- 
ed in 2001 by Martin Roesch, the creator of 
the open-source project Snort, develops 
enterprise threat management products that 
help organizations manage and minimize 
network security, threats, and risks before, 
during, and after attacks. The company's 
flagship Sourcefire 3D System provides 
users with an intuitive solution that helps 
automate network protection through its 
innovative adaptive IPS capabilities. 

Sourcefire maintains close ties to the open- 
source community. Besides the Snort open- 
source project, the company has launched 
additional community-based projects such as 
OfficeCat, a freeware utility that detects 
potentially compromised Microsoft Office 
files, and ClamAV, an open-source antivirus 
and anti-malware project. 

How It All Works 

"Sourcefire believes that network secu- 
rity is more effective when you know 
more," says Mike Guiterman, director of 
open-source products at Sourcefire. "Our 
Vulnerability Research Team (VRT) takes 
it a step further; their motto is 'Know 
everything.'" 

Sourcefire uses a variety of methods for 
collecting up-to-date vulnerability informa- 
tion, notes Guiterman. These methods 



include public and private vulnerability 
feeds; deep connections with the open- 
source and vulnerability research commu- 
nities; intelligence gathered from cus- 
tomers, partners, honeypots, Web crawlers, 
and botfinders; and information gleaned 
from monitoring underground activity. 

Once the VRT verifies a new vulnerabili- 
ty, it uses a detailed, methodical process for 
developing effective rules. First, it models 
the environment; that is, it sets up and 
installs the "victim" environment. Next, it 
finds the triggering conditions, which means 
it determines what conditions need to be pre- 
sent in order for an attack to be successful. 

The next step is to model the protocol so 
the team understands transport. Then it ver- 
ifies everything and runs many tests. The 
VRT runs regression and false-positive 
testing with more than 150 million checks 
to ensure detection and minimize false pos- 
itives, adds Guiterman. 

The results of this process are rules 
designed to detect attempts to exploit vul- 
nerabilities instead of exploits. It's a subtle 
but critical difference. With exploit-based 
rules, developers are limited to the world of 
existing attacks — that is, they need a sam- 
ple of the exploit to write the rule, and 
they're virtually blind to any new exploit or 
variant of an existing exploit. "With vulner- 
ability-based rules, we can detect every 
attack against a given vulnerability, every 
time, whether the exploit is known or not," 
says Guiterman. 

R&D 

One of Sourcefire' s most critical R&D 
areas is its customers. Sourcefire uses the 



Security? 

open-source Snort community as its Vul- 
nerability Research Team, says Guiterman. 
Security isn't static; it's a dynamic environ- 
ment based on newly discovered vulnera- 
bilities and constantly evolving threats. 
Security products require regular updates to 
ensure that they provide protection in a 
dynamic environment. 

The VRT is primarily responsible for 
producing up-to-date detection rules for 
Sourcefire's commercial products and 
open-source Snort users. On average, 
notes Guiterman, the VRT produces a new 
Snort Rules update about twice a month. 
In addition, the team is responsible for 
producing up-to-date detection signatures 
for ClamAV, Sourcefire's open-source 

SOURCEfire 

anti-malware solution. The ClamAV sig- 
nature database is updated multiple times 
a day. 

"In short," says Guiterman, "these 
groups of dedicated researchers are the 
individuals who ensure that our commer- 
cial products and our open-source projects 
provide the highest level of protection 
against the latest network security 
threats." 

The Sourcefire engineering teams and the 
VRT developed a feature called RNA 
(Real-time Network Awareness)-Rec- 
ommended Rules. "Simply put, this feature 
can recommend a subset of the VRT 
Certified Snort Rules set to be turned, 
based on what's on the network and the 
needed levels of security," Guiterman 
notes. By using these RNA-Recommended 
Rules, Sourcefire customers can overcome 



the "noise level" most IDS/IPS products on 
the market today generate. 

One customer, a major healthcare com- 
pany, reported seeing a 62% reduction in 
alerts simply by enabling the RNA- 
Recommended Rules, notes Guiterman. 
"They went from 110,000 alerts per week 
down to 42,000 alerts per week, simply 
by following the Webcast instructions for 
using RNA-Recommended Rules," he 
says. 

About Snort 

Sourcefire recently announced the open- 
source beta release of SnortSP (Snort 
Security Platform). This is the first phase in 
a total re-architecture of Snort. 

The simplest definition of SnortSP is a 
common platform for aggregating and pro- 
cessing network traffic that can then be 
passed to multiple detection engines such 
as Snort, Sourcefire RNA, or other third- 
party detection applications, Guiterman 
notes. Parsed network traffic can be passed 
either serially or in parallel. Breaking Snort 
into an extensible platform and distinct 
detection engines enables an entire host of 
new features and performance improve- 
ments. 

SnortSP is a multithreaded application 
designed to take advantage of today's multi- 
core hardware. It's designed to be accelerat- 
ed, and it offers default support for network 
protocols including IPv6, MPLS, and GRE. 
SnortSP is much more efficient than tradi- 
tional solutions; for example, traffic only has 
to be decoded once, and then all detection 
technology can use SnortSP. 

Guiterman says SnortSP ships today with 
the Snort 2.8.x detection engine. The Snort 
3.0 detection engine will be purpose-built 
on this new platform and will ship some- 
time next year. 

Guiterman says, "Even though Snort is 
still the standard by which all IPS products 
are measured, Sourcefire will be re-archi- 
tecting Snort to be the de facto standard for 
the next 10 years." 



THREE QUESTIONS 



Elcomsoft Recovers 
Lost Passwords, 
Audits Security 

Regain Access To Protected Data, 
Applications, Systems 



by Daniel P. Dern 

One indication of the challenges of height- 
ened computer security, according to Elcom- 
soft, is that nearly half of support calls to IT 
are related to lost or forgotten passwords, 
with each incident costing the company an 
average of $30 to $50 to resolve. 

Established in 1990, ElcomSoft (+7 495 974 
1 1 62; www.elcomsoft.com) specializes in pro- 
ducing Windows productivity and utility applica- 
tions for businesses and individuals for pass- 
word recovery, forensics and investigation, 
password audit, and electronic discovery. 

Today, the Moscow, Russia,-based company 
has customers throughout the United States 
and around the world, including Fortune 500 



corporations such as Microsoft, Adobe, IBM, 
Cisco, Bank of America, Equifax, Boeing, and 
AT&T; forensic agencies; military and gov- 
ernmental institutions, such as the FBI, CIA, 
and the U.S. Army, Navy, and Department of 
Defense; and thousands of end users. 

■ What are the biggest IT-related 
issues facing today's small to midsized 
enterprise? 

"With growing government and industry regu- 
lations regarding computer and data, coupled 
with near-daily headlines of lost and stolen 
data and unauthorized computer access, IT 
is becoming increasingly aware of the need 
to ensure security, including through pass- 
word-based access and encryption for files, 



applications, and systems," says company CEO 
Vladimir Katalov. 

But, notes Katalov, "Most small to midsized 
companies today do not have the IT time or 
facilities to implement appropriate security poli- 
cies to prevent data leakage or hacker attacks. 
And even where password protection is in place 
for files and systems, these companies often 
don't adequately train users on proper password 
policies or conduct password audits." This, says 
Katalov, "can result in password-locked docu- 
ments, tables, archives, applications, and sys- 
tems that nobody knows the password for." 

Reasons for unavailable passwords can be that 
the user can't remember, lost, or even mali- 
ciously changed them, or the user is unavailable 
when access is needed due to vacation, illness, 
termination, or even an untimely death. 

■ What should Processor readers know 
about your company's products? 

"Elcomsoft's software makes it easier for organi- 
zations to recover lost passwords from Windows 
and Unix operating systems, Microsoft Office 
products, Adobe PDF files, ZIP and BAR ar- 
chives, and other applications without needing 
to own and use expensive hardware," says 
Katalov. "Our products can recover passwords 
for [more than] 100 different applications. Our 
bootable System Recovery CD or flash drive 
can unlock Windows accounts within minutes; 
reset account passwords, including Domain 
Admin; unlock and enable user and administra- 



tive accounts; and assign administrative privi- 
leges to any user account." 

ElcomSoft password recovery products include 
Elcomsoft's Password Recovery, ElcomSoft 
Password Recovery Bundle, and ElcomSoft Dis- 
tributed Password Recovery. In addition to pass- 
word recovery tools, ElcomSoft also offers a tool 
that performs security policy audits, Proactive 
Password Auditor, and a program to recover 
EFS-encrypted data. 

Elcomsoft's mission is to make people under- 
stand that password recovery is not the same as 
password cracking, Katalov stresses. "We see 
password recovery as a vital part of complex 
security policy that any organization might have 
to successfully protect its data in the future." 

■ What makes your company unique? 

ElcomSoft was one of the first Russian compa- 
nies to succeed in the shareware business, 
notes Katalov. Today, he says, "we have 
unique technologies that make our products 
faster and more powerful than the competition. 
Our patent-pending GPU acceleration can do 
password recovery up to 50 times faster than 
traditional CPU-only methods, when the sys- 
tem includes a compatible Nvidia graphics 
card, by offloading some of the computational- 
heavy processing. And our unique Thunder 
Tables technology for password recovery, 
which we have filed for a U.S. patent on, uses 
precomputed tables to speed up the recovery 
of 40-bit keys." 
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Mention This Ad For A Free Cagenut Removal Tool! (866) 207-6631 



IIACIfMOUNT 

SOLUTIONS, LTD 

where customer service matters 



Long Wallmount 
Rack 




Universal Rack Rails Takes Servers Up To 
31" Deep Available in 4U,6U&8U 

• Rack allows mounting of equipment in a 
vertical "knobs up" fashion (visualize a 
pendaflex hanging f aider) 

• Equipment mounts to backpan for even 
weight distribution 

• Hinged top cover allows user access to controls 

• Hinged body allows installer access to 
connections 

• Top cover and body keyed separately 

• Rack backpan includes venting and optional 
fan mounting with grills 

GSA Schedule #GS-35F-0208R 

www.Processor.com/RackmountSolutions19 



Wallmount 
Relay Rack 




• Self-squaring guarantees easy assembly 

• Two depths: 13" and 19" 

• Five heights: 8U, 12U, 15U, 18U, and SOU 

• No more stripped threaded holes 

• Ultimate versatility with universal rack rail. 
Use 10-32, 12-24 or m6 screws. 

See our IT70 GSA Schedule #GS-35F-0208R 

www.Processor.com/RackmountSolutions18 



NETWORK Series 
Network Rack 




• Need a COMM rack with the rack rails 
moved to one side to accommodate large 
cable bundles? 

• You have the option to slide your vertical rack 
rails horizontally as well as vertically. Set your 
rackmount width to 1 9 or 23 inches. Talk 
about versatility! 

• Slide the rack rails to one side of the cabi- 
net, allowing for additional 4 to 9 inches of 
space on the opposite side to run large 
cable bundles. 

GSA Schedule #GS-35F-0208R 



Rackmount Shockmount 
Shipping Case 




20", 24", 28" & 30" Depths 

Million Mile Warranty: Every SKB hardshell 
case is unconditionally guaranteed forever. That 
means if you break it, we will repair it or replace 
it at no cost to you. SKB cases have been on 
the road since 1977 and have spent a good deal 
of time flying equipment for military combat 
operations. These are tough cases built for a 
lifetime of service. 

GSA Schedule #GS-35F-0208R 

www.Proijtibi>uLijuin/ncii;KinountSolutions14 



Tabletop / Portable 
Server Rack 




32" (Usable Depth) - Perfect On or Under Desk 

•3U,6U,9U,12U andlSU Heights 

• Includes 4.5" fan, 25 pes M6 hardware/cage 
nuts & levelers 

• Black, locking plexi front door and vented 
rear door 

•Supports Dell/IBM/HP/Compaq, etc. (univ. 
mounting rails) 

See our IT70 GSA Schedule #GS-35F-0208R 

www.Processor.com/RackmountSolutions2 



Rackmount 
TFT / LCD Drawer 




Superb Quality • Unparalleled Versatility 
More choices than you ever dreamed of I 

•13", 15", 17", 19" 

•Touch pad, track ball, real mouse 

• With or without 4-, 8- or 1 6-port KVM 

• 1 U or 2U for independent monitor/keyboard use 
www.Processor.com/RackmountSolutions 



ISO 9001 :2000 GSA GSA #GS-35F-0208R 

866-207-6631 I www.RackmGuntSoiutions.net 



